Bleeping Computer

OAuth Device Code Phishing: Azure vs. Google Compared

Come along with me on a journey as we delve into the swirling, echoing madness of identity attacks. Today, I present a case study on how different implementations of OAuth 2.0, the core authentication ...
Security Boulevard

Understanding Implicit Identity Authentication Methods

A deep dive into implicit identity authentication methods for software development, covering oauth 2.0 flows, security risks, and modern alternatives for single-page applications.
Statetechmagazine

SAML: How It Works and How to Implement It

Nathan Eddy works as an independent filmmaker and journalist based in Berlin, specializing in architecture, business technology and healthcare IT. He is a graduate of Northwestern University’s Medill ...
CSOonline

Passkeys aren’t attack-proof, not until properly implemented

Almost all software and IT service authentications with passkey implementation are open to AitM attacks as they provide less secure backup options. Passkey, a password-less technology for ...
Bleeping Computer

Microsoft, Google OAuth flaws can be abused in phishing attacks

Researchers have discovered a set of previously unknown methods to launch URL redirection attacks against weak OAuth 2.0 implementations. These attacks can lead to the bypassing of phishing detection ...
Dark Reading

OneLogin Introduces Vigilance AI & SmartFactor Authentication to Combat Emerging Cybersecurity Threats

San Francisco — September 19, 2019 — OneLogin, the leader in Unified Access Management, today announced Vigilance AI, the new artificial intelligence and machine learning (AI/ML) risk engine, and ...