
Malicious OAuth apps are an issue that has plagued M365 for many years. By default, end users are given great freedom to “authorize” OAuth apps and provide them access to the M365 tenant, unknowingly creating a security issue that persists even once the affected user’s password has changed!
In today’s episode, Andy and Paul Schnakenburg discuss the danger of malicious OAuth apps at length, providing listeners info on the danger, what you can do about it, and what you need to look out for! Hope you enjoy!
Timestamps:
(1:57) – What are malicious OAuth Applications?
(5:21) – Who can authorize OAuth Applications in an M365 tenant?
(8:25) – How are malicious OAuth Applications getting past Microsoft Review?
(14:56) – An example of how a malicious OAuth Application might function in an attack
(17:44) – Mitigation and prevention of malicious OAuth Application attacks
(25:35) – The M365 Essential Companion Guide eBook
Episode Resources:
M365 Publisher Verification
M365 Publisher Attestation
M365 App Certification
M365 ACAT Tool
Free eBook 'Microsoft 365: The Essential Companion Guide'
Find Andy on LinkedIn, Twitter or Mastodon
Find Paul on LinkedIn or Twitter