Another Office 365 OAuth Attack Targets Coinbase Users to Gain Compromised Email Access

The latest attack attempts to trick Office 365 users that use Coinbase into giving access to their mailbox via a Consent app rather than trying to steal their credentials. Once access is granted, the app now has access to read the victims emails, delete messages, and more. This kind of attack isnt new but is instead gaining ground. Weve seen Consent app-based attacks since the beginning of this year. Users need to be educated via Security Awareness Training that they should be looking for these kinds of attacks.”]

Source: https://blog.knowbe4.com/another-office-365-oauth-attack-targets-coinbase-users-to-gain-compromised-email-access

Something Fresh

Zip Codes & PII: Are They Personal Data?

ZeroNet: 51% Attack Risks & Mitigation

Zero Knowledge Voting with Trusted Server

What People Reading

YubiKey Security: Initial Setup with Yubi Cloud

Zero-Day Vulnerabilities: User Defence Guide

Feedback and data-driven updates to Googles disclosure policy

ZAP: Brute Force Passwords

Security Insider Interview Series: John McArthur, Senior Product Manager, IP Intelligence; and Rupert Young, Senior Director Software Engineering, Data Compilation and Identity, Neustar

Categories

Partners

Just add here your partners image or promo text