Posted on
in Presentations
With Storm-2372 (2025), Russian threat actors used OAuth Device Code Phishing to abuse the device registration process to hijack the Primary Refresh Token. This session will recreate the attack, compare valid activity, showing logging, access policies and detection rules. Attendees will take away concrete implementation guidance and what can be changed to mitigate/detect/respond more effectively.
Access This and Other RSAC™ Conference Presentations with Your Free RSAC Membership
Your RSAC™ Membership also includes AI-powered summaries, mind maps, and slides for Conference presentations, Group Discussions with experts, and more.
Watch Now >>
Share With Your Community