Pawn Storm Abuses OAuth In Social Engineering Attacks

This blog post discusses how Pawn Storm abused Open Authentication (OAuth) in advanced social engineering schemes. High profile users of free webmail were targeted by campaigns between 2015 and 2016.

Social engineering (security) - Wikipedia

Detection and Mitigation of Illicit Consent Grant Attacks in Azure AD - Thomas Naunheim

rootkit Archives - Security Affairs

Paul Pols - The Unified Kill Chain 1, PDF, Computer Security

Ontological Model of a Social Engineering Attack [in accordance with 10].

How to Protect Against Social Engineering Attacks?

Pawn Storm Abuses OAuth In Social Engineering Attacks

Pawn Storm's Lack of Sophistication as a Strategy

Russian cyber attack campaigns and actors

OAuth, Breaking Cybersecurity News