Threat Post

Microsoft OAuth Flaw Opens Azure Accounts to Takeover

Some Microsoft applications are vulnerable to an authentication issue that could enable Azure account takeover. A vulnerability in the way Microsoft applications use OAuth for third-party ...
Threat Post

Microsoft Warns on OAuth Attacks Against Cloud App Users

Application-based attacks that use the passwordless “log in with…” feature common to cloud services are on the rise. Against the backdrop of widespread remote working and the increased use of ...

OAuth Device Code Phishing: Azure vs. Google Compared

Azure can yield very powerful tokens while Google limits scopes, reducing the blast radius. Register for Huntress Labs' Live Hack to see live Microsoft 365 attack demos, explore defensive tactics, and ...
Redmond Magazine

Skype for Business Phones Switching to OAuth 2.0 in July

OAuth 2.0 authentication will be coming to Skype for Business phones, and that change will require IT pros to make some changes by July 1, 2019. If the changes aren't made by that date, then Skype for ...
Bleeping Computer

Microsoft warns of Office 365 phishing via malicious OAuth apps

Microsoft warns that with the shift to remote working, customers are exposed to additional security threats such as consent phishing, besides conventional credential theft and email phishing attacks.
Windows Report

Outlook Adds Seamless iCloud Integration Across Windows, Mac, and Mobile

Here’s to access iCloud in Outlook: Open Outlook on your Windows, Mac, or mobile device. Navigate to Settings > Add Account > iCloud. When prompted, sign in with your Apple ID. A browser window will ...