A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat ...

A phishing campaign has been discovered that doesn't target a recipient's username and password, but rather uses the novel approach of gaining access to a recipient's Office 365 account and its data ...

Microsoft warns that with the shift to remote working, customers are exposed to additional security threats such as consent phishing, besides conventional credential theft and email phishing attacks.

Attackers gain read-only permissions to snoop around Office 365 accounts, including emails, contacts and more. An APT known as TA2552 has been spotted using OAuth2 or other token-based authorization ...

Proofpoint observed campaigns impersonating trusted brands like SharePoint and DocuSign with malicious OAuth applications to get into Microsoft 365 accounts. Threat actors have cooked up a clever way ...

Attackers are targeting Microsoft Office 365 users with a Coinbase-themed attack, aiming to take control of their inboxes via OAuth. Office 365 users are receiving emails purporting to come from ...

Threat actors are increasingly including malicious OAuth apps in their campaigns to break into cloud-based systems and applications. To address this growing problem, Microsoft is adding automated ...

A new cyberattack is targeting Microsoft 365 users through Signal and WhatsApp messages, with hackers impersonating government officials in order to gain access to accounts. According to reporting ...

WALTHAM, MA--(Marketwired - Nov 20, 2015) - CloudLock, the leading provider of Cloud Access Security Brokerage (CASB) and Cybersecurity-as-a-Service solutions, today announced the only cloud-native ...

Microsoft has made it easier for developers to build apps for Office 365, with more complete APIs and new developer tools within Visual Studio. At its SharePoint Conference 2014 today, the company ...