13 December 2023

Financially motivated threat actors are leveraging OAuth applications to automate Business Email Compromise (BEC) attacks, phishing campaigns, spamming activities, and to deploy Virtual Machines (VMs) for cryptomining, heightening security risks.

DonorView's exposure of one million records included sensitive donor information and details about associated children, posing risks for phishing attacks and fraudulent donation requests.

The UK's Ministry of Defence received a significant fine for failing to safeguard the personal information of Afghans seeking relocation after the Taliban took control, breaching data protection regulations.

Over 220,000 individuals' data, including personal and sensitive information along with driver details, was exposed due to a breach in Dubai's largest taxi app, posing risks for privacy violations and fraud.

Ukraine's intelligence alleges a destructive cyberattack on Russia's Federal Tax Service, leading to disruptions in internet connections between regional branches and the central office, potentially causing severe damage.

Cyber attackers exploit OAuth apps' insufficient authentication measures, creating new apps with elevated privileges to sustain access, conceal malicious activities, and automate attacks like BEC and cryptomining.

oauthdefenceukrainecyber attacksdata breachtaxidubaidata exposuremicrosoft


Subscribe to our newsletter to stay informed about CyberSecurity news. You can unsubscribe at any time.

More than Cyber Security

We offer a variety of services to help companies be prepared for real cyber-attacks.

Contact Us