Midnight Blizzard Exploiting Legacy OAuth for Lateral Movement
Summary:
Midnight Blizzard exploited a legacy test OAuth application that held elevated access; a common password and the lack of multi-factor authentication (MFA) made the compromise possible. The attackers leveraged this access to move laterally within Microsoft’s network, potentially exfiltrating data and gaining broader control.
Threat Level – Red | Attack Report