Attackers connect rogue devices to organizations’ network with stolen Office 365 credentials

australia Don't miss enterprise Featured news MFA Microsoft News oauth Office 365 phishing

Attackers are trying out a new technique to widen the reach of their phishing campaigns: by using stolen Office 365 credentials, they try to connect rogue Windows devices to the victim organizations’ network by registering it with their Azure AD. If successful, they are ready to launch the second wave of the campaign, which consists of sending more phishing emails to targets outside the organization as well as within (to expand their foothold). The campaign … More

The post Attackers connect rogue devices to organizations’ network with stolen Office 365 credentials appeared first on Help Net Security.

Source: help net security.com