One of the most common pieces of anti-phishing advice is to double-check the website’s domain name before providing your credentials. Typically, a fraudulent domain stands out to the trained eye, differing from the official URL by at least a few characters. Recently, however, Kaspersky encountered a campaign where attackers instruct victims to input data directly into a legitimate, trusted corporate site: the Microsoft Identity Platform, which supports an OAuth 2.0 specification known as the Device Authorization Grant.
This specific protocol extension was designed to simplify the login experience for smart TVs, IoT hardware, printers, and other input-constrained devices that lack a full browser or keyboard. It allows users to use a nearby smartphone or PC for authorizing these devices to access their accounts.
Read more…
Source: Kaspersky
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- QakBot attacks with Windows zero-day (CVE-2024-30051)
May 14, 2024
In early April 2024, Kaspersky researchers decided to take a closer look at the Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2023-36033, which was previously discovered as a zero-day exploited in the wild. While searching for samples related to this exploit and attacks that used it, they found a curious document uploaded to VirusTotal on ...
- Millions of Messages Distribute LockBit Black Ransomware
May 13, 2024
Beginning April 24, 2024 and continuing daily for about a week, Proofpoint observed high-volume campaigns with millions of messages facilitated by the Phorpiex botnet and delivering LockBit Black ransomware. This is the first time Proofpoint researchers have observed samples of LockBit Black ransomware (aka LockBit 3.0) being delivered via Phorpiex in such high volumes. The LockBit ...
- How cybercriminals steal one-time passcodes for SIM swap attacks and raiding bank accounts
May 13, 2024
The incoming phone call flashes on a victim’s phone. It may only last a few seconds, but can end with the victim handing over codes that give cybercriminals the ability to hijack their online accounts or drain their crypto and digital wallets. “This is the PayPal security team here. We’ve detected some unusual activity on your ...
- Philippine National Police checking alleged data breach in its logistics system
May 13, 2024
The Philippine National Police (PNP) on Monday said it was looking into a possible breach in its logistics, data, information, and management system. “At about 10 a.m. today, it was reported that yun pong logistics, data, information, and management system experienced an alleged breach,” PNP spokesperson Police Colonel Jean Fajardo said in a presser. Read more… Source: GMA ...
- Dell data breach may affect up to 49m customers
May 13, 2024
Dell has confirmed a data breach that could, according to reports, have affected up to 49m customers. The breach revealed names and addresses of Dell customers, as well as information about equipment purchased, although the tech giant says that no payment or banking details were uncovered in the incident. Read more… Source: MSN News Sign up for our Newsletter Related:
- Some Firstmac customer details breached in home lender hack
May 10, 2024
Some current and former customers of Brisbane-based non-bank home lender Firstmac were notified this afternoon that some of their details had been compromised in a “cyber incident”. Firstmac said that as soon as the incident was detected, they took steps to secure their systems, and engaged cyber security experts. Read more… Source: MSN News Sign up for our Newsletter Related:

