In a recent advisory, Microsoft’s security team has highlighted a growing concern in the digital security landscape, the exploitation of OAuth, a commonly used system for online identity verification. Cybercriminals increasingly target this system, leveraging hijacked user accounts to gain unauthorized access and permissions within various online platforms. This trend poses a significant threat to digital security and privacy.
Cyber attackers employ many tactics, including phishing and password-spraying, to compromise user accounts, particularly those without robust authentication. Once they gain control, these accounts are manipulated to deploy virtual machines (VMs) for illicit activities like crypto mining, perpetuate Business Email Compromise (BEC) attacks, and initiate large-scale spam campaigns using an organization’s resources. The exploitation of OAuth applications through these means presents a sophisticated challenge in the realm of cybersecurity.
Microsoft has been actively monitoring these activities. The company’s efforts to enhance the detection of malicious OAuth applications are spearheaded by tools such as Microsoft Defender for Cloud Apps. These tools are crucial in preventing compromised accounts from accessing sensitive organizational resources.
In response to these threats, Microsoft has recommended that organizations bolster their defenses against such attacks. A critical step is the fortification of identity infrastructure. Microsoft’s analysis revealed that most compromised accounts lacked multifactor authentication (MFA), rendering them vulnerable to credential-guessing attacks. The implementation of MFA is a significant deterrent against such breaches.
In addition to MFA, Microsoft emphasizes the importance of conditional access policies and continuous access evaluation. These measures are designed to revoke access immediately upon detecting potential risks, providing an added security layer. Microsoft also highlights the utility of its security defaults in Azure Active Directory, which benefits organizations using the free tier. These defaults include preconfigured security settings, such as MFA and safeguards for privileged activities.
Moreover, Microsoft advises organizations to conduct thorough audits of apps and the permissions granted to them. This ensures adherence to the principles of least privilege, a cornerstone of effective digital security.
Read Also: Bitcoin Open Interest Rises On Binance & Coinbase Ahead FOMC
Trump Family's World Liberty Financial has unveiled big real-world asset (RWA) tokenization plans on Wednesday,…
Fintech giant Stripe has unveiled a suite of tools to enable businesses to tap into…
Metaplanet has expanded its Bitcoin portfolio with another purchase. The Tokyo-listed firm is now the…
Nasdaq has officially filed to list and trade BlackRock iShares Bitcoin Premium Income ETF with…
While the ASTER token has crashed 20% in the last 24 hours, to test the…
The U.S government has entered its first shutdown since 2019 after lawmakers failed to reach…