SaaS RootKit: Attack to Create Hidden Rules in Office 365

Source: thenewstack.io

SaaS RootKit: Attack to Create Hidden Rules in Office 365
Bad actors are always on the search for new methods of attack, making it our job to always stay two steps ahead of them. Adaptive Shield security researchers have discovered a new attack vector due to a vulnerability within Microsoft’s OAuth application registration. Through this vulnerability, an attack can use Exchange’s legacy API to create hidden forwarding rules in Microsoft 365 mailboxes.

Third-party app access combined with hidden forwarding rules creates a sort of SaaS rootkit.

An attack through these hidden forwarding rules should not be mistaken for a one-off, but rather the start of a new attack method through SaaS apps.
Read Full Article On thenewstack.io
Achieve superior email deliverability with ToastMail! Our AI-driven tool warms up inboxes, monitors reputation, and ensures emails reach their intended destination. Sign up today for a spam-free future.

Related Articles

Community Partners
CrowdSec
Autonomous.ai | Best Standing Desks & Ergonomic Office Chairs

Digital Ocean

Scala Hosting

Become a Partner?
DevOps Careers
    • Add a Job?