Hackers are abusing OAuth applications for automated financial attacks. OAuth allows third-party apps to access user data without exposing login credentials. Microsoft researchers have found that hackers exploit weak authentication to compromise accounts and then use OAuth apps for malicious activities such as crypto mining, persistence post-BEC, and spam. Microsoft recommends mitigating credential guessing attack risks and enabling security measures like conditional access policies and continuous access evaluation. Hashtags: #OAuth #CyberAttack #FinancialAttacks #CryptoMining #BEC #Phishing

https://cybersecuritynews.com/hackers-abuse-oauth-applications/