Voice of Emirates – Recent security reports have revealed a new cyberattack targeting Microsoft 365 users that does not require stealing passwords. Rather than compromising accounts through traditional methods, the attack abuses legitimate authentication mechanisms built into the Microsoft platform itself.
■ Attack mechanism
The attack relies on abusing authentication tokens (OAuth tokens). These tokens are a legitimate way for applications to access user accounts without asking for a password each time. Attackers trick victims into granting these tokens to applications that appear trustworthy, which gives the attackers full access to email, files, and sensitive data.
■ Why is the attack dangerous?
It doesn’t require password theft or cracking.
It bypasses two-factor authentication (2FA).
It’s difficult to detect because it uses official tools.
It allows long-term access to compromised accounts.
■ Most targeted groups
Companies and organizations that rely on Microsoft 365 are vulnerable to this type of attack, especially those that allow the integration of external applications without strict controls.
■ Security warnings and recommendations
Cybersecurity experts recommend:
Regularly reviewing applications linked to accounts
Restricting permissions for third-party applications
Monitoring login logs and unusual activity
Educating users about not granting permissions arbitrarily
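The review and monitoring advice above can be partly automated. The following is an added example, not code from the original report: it scores consent-grant records by the Microsoft Graph scopes granted and whether the application's publisher is verified, and flags the grants a security team should review first. The sample records and their field names are constructed for this example and do not follow a real audit log schema.

```python
import json

# Delegated Microsoft Graph scopes that give an app the kind of access the
# article describes: mail, files, and a refresh token for long-term access.
HIGH_RISK_SCOPES = {
    "Mail.Read", "Mail.ReadWrite", "Mail.Send",
    "Files.Read.All", "Files.ReadWrite.All",
    "offline_access",  # refresh token: access persists after sign-out and MFA
}

# Constructed sample records modelled on consent-grant audit events
# (field names are assumptions for this example, not a real log schema).
SAMPLE_EVENTS = [
    {"user": "alice@example.com", "app": "Contoso Expense Sync",
     "publisher_verified": True, "scopes": "User.Read openid profile"},
    {"user": "bob@example.com", "app": "PDF Viewer Pro",
     "publisher_verified": False,
     "scopes": "Mail.ReadWrite Files.ReadWrite.All offline_access User.Read"},
    {"user": "carol@example.com", "app": "Calendar Helper",
     "publisher_verified": True, "scopes": "Calendars.Read offline_access"},
]


def assess_consent(event):
    """Return (risk_score, reasons) for one consent grant."""
    scopes = set(event["scopes"].split())
    risky = sorted(scopes & HIGH_RISK_SCOPES)
    reasons = []
    if risky:
        reasons.append("high-risk scopes: " + ", ".join(risky))
    if not event["publisher_verified"]:
        reasons.append("publisher not verified")
    # One point per high-risk scope, plus two for an unverified publisher:
    # unverified app + mail/file access + refresh token is the combination
    # that lets an attacker read data quietly for a long time.
    score = len(risky) + (2 if not event["publisher_verified"] else 0)
    return score, reasons


def flag_suspicious_consents(events, threshold=3):
    """Return the grants whose score meets the threshold, highest first."""
    flagged = []
    for ev in events:
        score, reasons = assess_consent(ev)
        if score >= threshold:
            flagged.append({"user": ev["user"], "app": ev["app"],
                            "score": score, "reasons": reasons})
    return sorted(flagged, key=lambda f: -f["score"])


if __name__ == "__main__":
    for hit in flag_suspicious_consents(SAMPLE_EVENTS):
        print(json.dumps(hit))
```

Tune the scope list and threshold to the permissions your tenant actually allows third-party applications to request.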
■ Warning message
Experts emphasize that digital security is no longer solely about passwords. It now encompasses managing permissions and trust within cloud systems, especially as attackers refine their methods and exploit unconventional weaknesses. This new attack highlights a growing challenge for organizations in protecting their data, particularly in the era of cloud services and the increasing reliance on smart solutions.