Kali365 doesn’t steal your password. It gets you to hand over the keys willingly — and healthcare staff are the ideal target.
A new phishing toolkit called Kali365 is circulating among low-sophistication threat actors, and the FBI has issued an advisory warning that it has already been used against healthcare organizations. The technique it exploits — known as OAuth device code phishing — is not new in security research circles. What is new is that it has been packaged into a commodity kit that requires no technical skill to deploy, dramatically lowering the barrier to entry for attacks against hospital staff, administrative personnel, and anyone using a Microsoft 365 environment.
For healthcare compliance officers, the significance is immediate: this is not a flaw in Microsoft’s systems. It is an abuse of a legitimate authentication feature — which means it bypasses most of what your current security stack is designed to catch.
