FBI: Kali365 Phishing Kit is Targeting Microsoft 365 Accounts
ID: a479c42d-317e-5832-b77d-2e5f3bda371e
STIX ID: report--a479c42d-317e-5832-b77d-2e5f3bda371e
Feed Name: KnowBe4 Blog
The FBI warns of Kali365, a phishing-as-a-service platform that uses OAuth device code flows to capture access and refresh tokens and gain persistent access to Microsoft 365 services without stealing credentials or bypassing MFA. The report describes the attack chain—phishing lure with a device code, victims entering the code on a legitimate Microsoft verification page, attackers capturing tokens—and recommends locking down device code authentication and conducting employee phishing awareness training.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
