Attackers turn trusted OAuth apps into cloud backdoors

Attackers are increasingly abusing internal OAuth-based applications to gain persistent access to cloud environments, Proofpoint researchers warn. These apps often remain unnoticed for quite some time and allow attackers to maintain access to high-privileged accounts even after passwords are reset or multifactor authentication (MFA) is enforced. What is OAuth and how do attackers exploit it? OAuth is an authorization protocol that lets apps connect to your account (e.g., M365) safely by using special access tokens … More → The post Attackers turn trusted OAuth apps into cloud backdoors appeared first on Help Net Security.
http://news.poseidon-us.com/TNqF5n

Attackers turn trusted OAuth apps into cloud backdoors

Like this:

Related

More Posts

Trump pick to lead federal watchdog agency withdraws after offensive text messages revealed

Government shutdown takes toll on air traffic control personnel

Top 10 Takeaways from Predict 2025: Turning Intelligence Into Action

From legacy to leading edge

Construction Cost Tracking: Complete Guide

Dark Covenant 3.0: Controlled Impunity and Russia’s Cybercriminals

Share this: