CSO Online

Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts

Proofpoint has warned about phishing campaigns abusing legitimate device authorization flow to bypass MFA and gain persistent ...

State actors are abusing OAuth device codes to get full M365 account access - here's what we know

Cybercriminals, including state-sponsored threat actors, are increasingly abusing Microsoft’s OAuth 2.0 device code authentication flow to take over Microsoft 365 accounts.
The Hacker News

Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability

Fortinet reports active attacks exploiting CVE-2020-12812, a FortiOS SSL VPN flaw that can bypass two-factor authentication in specific LDAP setups.
Investopedia

Cold Calling Explained: Definition, Process, Examples, and Challenges

Adam Hayes, Ph.D., CFA, is a financial writer with 15+ years Wall Street experience as a derivatives trader. Besides his extensive derivative trading expertise, Adam is an expert in economics and ...
Investopedia

Mergers Explained: Types, Processes & Notable Examples

Marshall Hargrave is a stock analyst and writer with 10+ years of experience covering stocks and markets, as well as analyzing and valuing companies. A merger combines two companies into one.
Lifehacker

What Is Zone 2 Cardio, and How Do I Actually Do It?

A healthy dose of cardio is an important part of your exercise routine, and for a lot of us, "zone 2" cardio is going to make up a big chunk of that. Low-intensity cardio—sometimes called LISS or ...

Microsoft 365 Accounts Reportedly Breached After Hackers Exploit Legitimate Microsoft OAuth Feature

The surge in attempts to compromise Microsoft 365 accounts has been enabled by readily available phishing tools.