Azure AD Token Forging Technique in Microsoft Attack Extends Beyond Outlook, Wiz Reports

Jul 21, 2023

The recent attack against Microsoft’s email infrastructure by a Chinese nation-state actor referred to as Storm-0558 is said to have a broader scope than previously thought.
According to cloud security company Wiz, the inactive Microsoft account (MSA) consumer signing key used to forge Azure Active Directory (Azure AD or AAD) tokens to gain illicit access to Outlook Web Access (OWA) and

Get Free Report & Network Analysis

Please check your email for the free report.