OAuth apps used in cryptocurrency mining, phishing campaigns, and BEC attacks

Microsoft warns that threat actors are using OAuth applications cryptocurrency mining campaigns and phishing attacks.

Threat actors are using OAuth applications such as an automation tool in cryptocurrency mining campaigns and other financially motivated attacks.

The attackers compromise user accounts …

Iranian Peach Sandstorm group behind recent password spray attacks

Iran-linked Peach Sandstorm APT is behind password spray attacks against thousands of organizations globally between February and July 2023.

Microsoft researchers observed a series of password spray attacks conducted by Iran nation-state actors as part of a campaign named Peach …

文 » A