Defending SaaS-based applications against ShinyHunters OAuth abuse
Microsoft Threat Intelligence has identified activity by the threat actor ShinyHunters involving abuse of OAuth in SaaS-based applications. The actor employs tactics such as voice phishing (vishing)…
Read the full articleYou might also wanna read

ShinyHunters group exploits OAuth trust, prompting Microsoft security upgrades
The ShinyHunters group targeted Salesforce users by tricking them into authorizing a malicious Salesforce Data Loader application, which the
ShinyHunters Breaches Reveal Shift to Credential-Based Cyberattacks
Breaches tied to ShinyHunters include University of Nottingham, DentaQuest, 7-Eleven, Medtronic, and Wynn Resorts. The activity has been lin
Microsoft Maps Three Salesforce Attack Paths Tied to a Year of ShinyHunters Activity
Attackers whose methods line up with the data-extortion group ShinyHunters have spent the past year walking into corporate Salesforce enviro
Microsoft Warns ShinyHunters-Linked Hackers Are Exploiting Salesforce Apps to Steal Enterprise Data
Microsoft warns ShinyHunters-linked hackers abused OAuth, vishing and trusted Salesforce integrations to steal enterprise data and maintain

'A single entry point can rapidly expand to greater enterprise impacts': Microsoft introduces changes to tackle ShinyHunters
Greater visibility, better detection, and stronger governance over OAuth-connected applications should mitigate ShinyHunters attacks.
Charter Communications confirms data breach after ShinyHunters vishing attack
Charter Communications confirmed a data breach after ShinyHunters threatened to leak stolen information, while the company says no sensitive
hendryadrian.com·1mo ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.