Hackers are taking over CEO accounts with rogue OAuth apps

From bleepingcomputer.com

Email hack

Threat analysts have observed a new campaign named ‘OiVaVoii’, targeting company executives and general managers with malicious OAuth apps and custom phishing lures sent from hijacked Office 365 accounts.

According to a report from Proofpoint, the campaign is still ongoing, though Microsoft is monitoring the activity and has already blocked most of the apps.

The impact of executive account takeovers ranges from lateral movement on the network and insider phishing to deploying  ransomware and business email compromise incidents.

Read more…