FBI warns of Kali365 phishing platform targeting Microsoft 365 accounts

By Matt Kapko · 4d ago · 3 min read · en · News

Summary

The FBI has issued a public service announcement warning about Kali365, a growing phishing-as-a-service platform that targets Microsoft 365 users. The toolkit bypasses multi-factor authentication by abusing OAuth device code authorizations through phishing lures impersonating enterprise services. This grants cybercriminal-controlled applications persistent access to Microsoft 365 accounts, potentially leading to data theft, fraud, extortion, and ransomware attacks. First observed in April, Kali365 exploits legitimate Microsoft device authorization pages to maintain access.

Key quotes

The FBI is warning organizations and defenders about Kali365, a growing phishing-as-a-service platform that retrieves Microsoft 365 access tokens, issuing a public service announcement Thursday.
The toolkit bypasses multi-factor authentication and abuses OAuth device code authorizations via phishing lures impersonating common enterprise services.
This technique grants cybercriminal-controlled applications access to Microsoft 365 accounts, opening victims up to a host of follow-on malicious activity, including data theft, fraud, extortion and ransomware attacks.
Kali365, which was first observed in April, abuses legitimate Microsoft device authorization pages to grant persistent access to cybercriminal-controlled applications.