Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...
Security Boulevard

What Is a Single Sign-On (SSO) Code?

Locked out? Learn what an SSO code actually is, where to find your company domain, and how to solve common login errors in Zoom, Slack, and Salesforce.

Hackers target Microsoft Entra accounts in device code vishing attacks

Threat actors are targeting technology, manufacturing, and financial organizations in campaigns that combine device code ...
Threat Post

OAuth 2.0 Hack Exposes 1 Billion Mobile Apps to Account Hijacking

Mobile app developers need to be aware of improper OAuth 2.0 implementations that have put one billion mobile apps at risk to takeover. Third-party applications that allow single sign-on via Facebook ...
Threat Post

EA Games Patches Account-Hijacking Bug

A bug in the Electronic Arts gaming platform’s single sign-on mechanism could have allowed hackers to access game accounts. Researchers chained together two vulnerabilities in the Electronic Arts (EA) ...