7 matches found
Microsoft の調査 – 検証済みの発行者確認を悪用する脅威アクターの同意フィッシング キャンペーンについて
本ブログは、Microsoft Investigation – Threat actor consent phishing campaign abusing the verified publisher process の抄訳版です。最新の情報は原文を参照してくださ...
Hackers Abused Microsoft's "Verified Publisher" OAuth Apps to Breach Corporate Email Accounts
Microsoft on Tuesday said it took steps to disable fake Microsoft Partner Network MPN accounts that were used for creating malicious OAuth applications as part of a phishing campaign designed to breach organizations' cloud environments and steal email. "The applications created by these fraudulen...
Hackers Abused Microsoft's "Verified Publisher" OAuth Apps to Breach Corporate Email Accounts
Microsoft on Tuesday said it took steps to disable fake Microsoft Partner Network MPN accounts that were used for creating malicious OAuth applications as part of a phishing campaign designed to breach organizations' cloud environments and steal email. "The applications created by these fraudulen...
Microsoft Investigation – Threat actor consent phishing campaign abusing the verified publisher process
Summary On December 15th, 2022, Microsoft became aware of a consent phishing campaign involving threat actors fraudulently impersonating legitimate companies when enrolling in the Microsoft Cloud Partner Program MCPP formerly known as Microsoft Partner Network MPN. The actor used fraudulent partn...
Microsoft Investigation - Threat actor consent phishing campaign abusing the verified publisher process
Summary On December 15th, 2022, Microsoft became aware of a consent phishing campaign involving threat actors fraudulently impersonating legitimate companies when enrolling in the Microsoft Cloud Partner Program MCPP formerly known as Microsoft Partner Network MPN. The actor used fraudulent partn...
Microsoft Investigation - Threat actor consent phishing campaign abusing the verified publisher process
Summary Summary On December 15th, 2022, Microsoft became aware of a consent phishing campaign involving threat actors fraudulently impersonating legitimate companies when enrolling in the Microsoft Cloud Partner Program MCPP formerly known as Microsoft Partner Network MPN. The actor used fraudule...
Microsoft Baseline Security Analyzer 2.3 - XML External Entity Injection Vulnerability
Exploit for windows platform in category local exploits Title: Microsoft Baseline Security Analyzer 2.3 - XML External Entity Injection Author: John Page aka hyp3rlinx Vendor: Microsoft Software link: https://www.microsoft.com/en-us/download/details.aspx?id=7558 Software Version: 2.3 References:...