Tag
high
advisory
O365 Risk-Based Consent Disabled
2 rules 1 TTPThe disabling of the 'risk-based step-up consent' security setting in Microsoft 365 allows users to grant consent to potentially malicious applications, increasing the risk of OAuth phishing and unauthorized access to sensitive data.
Microsoft 365 +1
o365
azuread
oauth
consent-phishing
defense-evasion
2r
1t
medium
advisory
Azure AD User Consent Blocked for Risky Application
2 rules 1 TTPAzure AD blocked a user's attempt to grant consent to a risky application, indicating potential OAuth abuse and requiring investigation of the user and application involved.
Azure Active Directory
azuread
oauth
consent-phishing
cloud
2r
1t
medium
advisory
Azure AD User Consent Denied for OAuth Application
2 rules 1 TTPThis analytic identifies instances where a user has denied consent to an OAuth application seeking permissions within the Azure AD environment, potentially indicating malicious OAuth application activity.
Azure AD
azure
oauth
consent-phishing
credential-access
2r
1t