GovInfoSecurity
Compliance
@prajeetspeaks) • May 6, 2021 Get Permission
Attackers are increasingly using malicious OAuth 2.0 applications to siphon data and access sensitive information from a wide variety of cloud platforms, and mitigating the risks is proving challenging, according to the security firm Proofpoint.
In 2020, Proofpoint detected more than 180 malicious OAuth 2.0 applications attacking over 55% of its customers with a success rate of 22%.
Microsoft introduced a Publisher Verification mechanism for Microsoft Partner Network accounts in Azure AD to help stop malicious OAuth apps targeting its cloud platforms, such as Office 365. This has had limited success in reducing cloud malware intrusions, and many challenges remain, Proofpoint and other security experts say.