Cybersecurity company Proofpoint on Tuesday described attacks that lulled users into authorizing permissions for malicious cloud apps because they may have trusted Microsoft Verified Publisher screening. The attackers used a malicious OAuth app to gain user consent. It deceived users via fake domain names and spoofing, Proofpoint threat research team explained, via e mail: The threat actors utilized fake domains that appear similar to the impersonated organizations real domains, and spoofed...
