ZDNet

Why MFA matters: These attackers cracked admin accounts then used Exchange to send spam

Microsoft has exposed a crafty case of OAuth app abuse that allowed the attackers to reconfigure the victim's Exchange server to send spam. The point of the elaborate attack was to make mass spam – ...