Tag: OAuth
-
Design Flaw in Google Workspace Could Let Attackers Gain Unauthorized Access
Cybersecurity researchers have detailed a “severe design flaw” in Google Workspace’s domain-wide delegation (DWD) feature that could be …
-
Flaws in OAuth’s social sign-in could have put billions of users at risk
Salt Labs on Tuesday uncovered API security vulnerabilities in the social sign-in and Open Authentication (OAuth) implementations of …
-
OAuth.Tools: The Online Tool That Goes beyond JWTs
JSON Web Tokens (JWTs) are powerful and convenient tools for securing APIs. Their format is standardized; they are cryptographically …
-
How to Investigate an OAuth Grant for Suspicious Activity or Overly Permissive Scopes
From a user’s perspective, OAuth works like magic. In just a few keystrokes, you can whisk through the account creation process and gain …
-
Supply Chain Attacks: How to Mitigate OAuth Token Theft
With the rising dependency on SaaS services and token-based access comes great flexibility, often with a high degree of security. However, …
-
Microsoft Azure AD flaw can lead to account takeover
June 23, 2023 – Cybercriminals are more motivated than ever when no one’s at work to fend them off. So be prepared and remain vigilant …
-
API Bug in OAuth dev tool opened websites, apps to account hijacking
A critical API flaw in the Expo open-source framework allows attackers to harvest auth credentials via the Open Authorization (OAuth) …
-
OAuth Flaw in Expo Platform Affects Hundreds of Third-Party Sites, Apps
A cybersecurity vulnerability found in an implementation of the social login functionality opens the door to account takeovers and …
-
Uncovering (and Understanding) the Hidden Risks of SaaS Apps
Recent data breaches across CircleCI, LastPass, and Okta underscore a common theme: The enterprise SaaS stacks connected to these …
-
Booking.com account takeover flaw shows possible pitfalls in OAuth implementations
Booking.com, one of the world’s largest online travel agencies, recently patched a vulnerability in its implementation of the OAuth …
-
OAuth vulnerabilities on Booking.com could have resulted in account takeovers
Security researchers at Salt Security Inc. today released new threat research that highlights critical security flaws found on the website …
-
5 Steps to Modernize Large Websites using OAuth
One of the major concerns in software systems is keeping a code base maintainable over time as the amount of logic grows. In recent years …