Krebs on Security

Malicious Office 365 Apps Are the Ultimate Insiders

Phishers targeting Microsoft Office 365 users increasingly are turning to specialized links that take users to their organization’s own email login page. After a user logs in, the link prompts them to ...
Bleeping Computer

Phishing Attack Hijacks Office 365 Accounts Using OAuth Apps

A phishing campaign has been discovered that doesn't target a recipient's username and password, but rather uses the novel approach of gaining access to a recipient's Office 365 account and its data ...