SecurityBrief Australia·3 min read·hard
Proofpoint spots Entra ID spoofing attack technique
S
Sean Mitchell
✦AI Summary
Security researchers at Proofpoint have identified a new technique where attackers spoof OAuth client IDs to enumerate Microsoft Entra ID accounts. This method allows threat actors to validate usernames and passwords while bypassing standard security monitoring and conditional access policies.
Proofpoint has identified a cloud attack technique that lets threat actors enumerate Microsoft Entra ID accounts by spoofing OAuth client IDs. The method has appeared in multiple large-scale campaigns.
technologybusiness
✦
Get the full story
Sign up for Headlinne to unlock AI insights, political bias analysis, and your personalized news feed.
Create free accountAlready have an account? Sign in