Bleeping Computer

New ConsentFix attack hijacks Microsoft accounts via Azure CLI

A new variation of the ClickFix attack dubbed 'ConsentFix' abuses the Azure CLI OAuth app to hijack Microsoft accounts without the need for a password or to bypass multi-factor authentication (MFA) ...
Bleeping Computer

Ransomware gangs now abuse Microsoft Azure tool for data theft

Ransomware gangs like BianLian and Rhysida increasingly use Microsoft's Azure Storage Explorer and AzCopy to steal data from breached networks and store it in Azure Blob storage. Storage Explorer is a ...
Ars Technica

Storing OAuth tokens and security

So, I have a bunch of R packages for interacting with Azure. One of them does authentication with AA https://github.com/Azure/AzureAuth The package currently caches ...