LOW | Vulnerability
Global
Azure Password-Spraying Attack Bypasses MFA Defenses
Source: Bank Info Security
Executive Summary
Threat Actor Uses Deprecated OAuth 2.0 Authentication Flow
Attackers behind a password-spraying campaign targeting Microsoft Office 365 accounts have amassed dozens of victims by abusing a deprecated feature in OAuth
Analysis
Threat Actor Uses Deprecated OAuth 2.0 Authentication Flow
Attackers behind a password-spraying campaign targeting Microsoft Office 365 accounts have amassed dozens of victims by abusing a deprecated feature in OAuth 2.0 to generate access tokens, in some cases sidestepping multifactor authentication controls, warn researchers.