Hackers Taking Over CEO Accounts Using Malicious OAuth Applications
Threat analysts have observed a new campaign named ‘OiVaVoii’, targeting company executives and managers with malicious OAuth apps and custom phishing lures sent from hijacked Office 365 accounts.