Attackers are increasingly abusing internal OAuth-based applications to gain persistent access to cloud environments, Proofpoint researchers warn. These apps often remain unnoticed for quite some time and allow attackers to maintain access to high-privileged accounts even after passwords are reset or multifactor authentication (MFA) is enforced. What is OAuth and how do attackers exploit it? OAuth is an authorization protocol that lets apps connect to your account (e.g., M365) safely by using special access tokens … More
The post Attackers turn trusted OAuth apps into cloud backdoors appeared first on Help Net Security.
This article has been indexed from Help Net Security
Read the original article: