FBI warns OneDrive, Teams users about phishing scam. What it looks like

Here's what Microsoft users in Illinois should know about a new phishing scam announced by the FBI. The scheme targets ...

FBI Warns: ‘Kali365’ Phishing Service Targets Microsoft 365 Accounts

The FBI warned that Kali365 can hijack Microsoft 365 accounts by abusing device code authentication and capturing OAuth ...
Redmondmag.com

FBI Urges Microsoft 365 Defenders To Watch for Kali365 Phishing Attacks

The FBI is warning orgs about Kali365, a phishing-as-a-service kit that can help attackers get around multifactor authentication protections in Microsoft 365 environments by stealing access tokens ...

FBI warns of Kali phishing scam hitting Microsoft OAuth tokens — warns 'Kali365 lowers ...

A new phishing kit is being offered on Telegram allowing even newbie hackers an easy way to grab OAuth tokens.
ITmedia

デバイスコードを使う認証フローでアクセス権を窃取 新たな ...

この記事は会員限定です。会員登録すると全てご覧いただけます。 ロシアの支援を受ける攻撃者がデバイスコードを狙ったフィッシングキャンペーンを実行しており、観測された限りでは2024年8月から幅広い組織を攻撃している。 デバイスコードを狙った ...
MSN による配信

State actors are abusing OAuth device codes to get full M365 account access - here's what ...

Proofpoint reports phishing surge abusing Microsoft OAuth 2.0 device code flow Victims enter codes on real Microsoft domains, granting attackers access tokens Proofpoint advises blocking device code ...

FBI alert: Outlook, OneDrive and other Microsoft 365 services targeted by new cyber threat

The FBI is alerting the public to a new cyber threat involving a Phishing‑as‑a‑Service kit known as Kali365, which is ...