Hackers are abusing the verified status in MCPP, tricking people into giving away sensitive intel.
Hackers have been spotted abusing the Microsoft Partner Network feature for Azure AD in an attempt to steal corporate emails and other sensitive data.
Microsoft and cybersecurity pros Proofpoint worked together to combat the threats, explaining how they discovered hackers posing as legitimate companies and successfully getting verified in the Microsoft Cloud Partner Program (MCPP).
Getting verified as a legitimate business allowed the crooks to register verified OAuth apps in Azure AD which were, in reality, malicious and used to steal people’s emails via phishing. To make matters worse, Proofpoint said crooks could have also used this access to steal calendar information, as well. ...
Support the originator by clicking the read the rest link below.
