New phishing kits target Microsoft 365 and evade MFA
🛡️ Two new phishing kits, Jalisco and OmegaLord, are being used to target Microsoft 365 accounts and bypass multi-factor authentication. Jalisco leverages the OAuth 2.0 device-code flow to trick victims into authorizing attacker-controlled devices, while OmegaLord poses as a PDF reader to harvest credentials and phone numbers. Researchers at ReliaQuest analyzed both toolkits and found attackers quickly exfiltrate data from SaaS platforms before demanding extortion. The report recommends tightening device-registration limits and blocking device-code authentication to reduce risk.
