SiliconANGLE

Potential OAuth lapses could have led to significant data breaches, warns Salt Labs

A new report released today by application programming interface security startup Salt Security Inc. warns of significant vulnerabilities in several major online platforms’ social sign-in and Open ...
Business Wire

Bloomreach Now Supports Frictionless Integrations With Third-Party Applications Requiring OAuth 2.0 Authentication Method

MOUNTAIN VIEW, Calif.--(BUSINESS WIRE)--Bloomreach, the world’s #1 Commerce Experience Cloud, today announced the support of Open Authorization (OAuth) 2.0 authentication for webhooks, an industry ...
Dark Reading

Attackers Target Microsoft Accounts to Weaponize OAuth Apps

Threat actors are abusing organizations' weak authentication practices to create and exploit OAuth applications, often for financial gain, in a string of attacks that include various vectors, ...
InfoWorld

Doing authentication right

Any substantial website is going to need to customize itself for individual users. Thus, it is going to have to authenticate those users — that is, let them log in. As a software developer, it is your ...
Dark Reading

Microsoft Previews Feature to Block Malicious OAuth Apps

Threat actors are increasingly including malicious OAuth apps in their campaigns to break into cloud-based systems and applications. To address this growing problem, Microsoft is adding automated ...
Bleeping Computer

OAuth Device Code Phishing: Azure vs. Google Compared

Come along with me on a journey as we delve into the swirling, echoing madness of identity attacks. Today, I present a case study on how different implementations of OAuth 2.0, the core authentication ...