Microsoft Shares New Guidance in Wake of 'Midnight Blizzard' Cyberattack

Threat actors created and abused OAuth apps to access Microsoft's corporate email environment and remain there for weeks.