EvilProxy
-
Microsoft warns OAuth redirect abuse used to deliver malware to government targets
Microsoft warned that phishing campaigns are abusing OAuth redirect features to deliver malware to government and public sector targets, using malicious OAuth apps, ZIP payloads, PowerShell and DLL sideloading. Organizations are advised to limit consent and review app permissions.
-
Microsoft warns of OAuth redirect abuse used to deliver malware to public sector
Microsoft warned that attackers are abusing OAuth redirect features to bypass phishing defenses and direct government and public sector users to attacker controlled domains that deliver malware or intercept credentials.
