Microsoft Warns on OAuth Attacks Against Cloud App Users
Application-based attacks that use the passwordless “log in with…” feature common to cloud services are on the rise.
We’ve already looked at links under old YouTube videos or in Wikipedia articles which at some point turned bad and began pointing to partner program pages, phishing sites, or even malware. It was as if the attackers were purposely buying up domains, but such a scenario always seemed to us too complicated. Recently, while examining…