Midnight Blizzard Exploiting Legacy OAuth for Lateral Movement

Summary: Midnight Blizzard exploited a legacy test OAuth application with elevated access due to a common password and lack of multi-factor authentication (MFA). The attackers leveraged this access to move laterally within Microsoft's network, potentially exfiltrating data and gaining broader control. Threat Level - Red | Attack Report For a detailed threat advisory, download the pdf file here To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.