Microsoft warns that financially-motivated threat actors are using OAuth applications to automate BEC and phishing attacks, push spam, and deploy VMs for cryptomining. OAuth (short for Open ...

Attackers are increasingly using malicious OAuth 2.0 applications to siphon data and access sensitive information from a wide variety of cloud platforms, and mitigating the risks is proving ...

In this episode of eSpeaks, Jennifer Margles, Director of Product Management at BMC Software, discusses the transition from traditional job scheduling to the era of the autonomous enterprise. eSpeaks’ ...

Vercel blamed its breach on an earlier hack at Context AI, which allowed hackers to hijack a Vercel employee's account to ...

Threat actors deployed OAuth applications on compromised cloud tenants and then used them to control Exchange servers and spread spam. The news is the result of an investigation by Microsoft ...

Some Microsoft applications are vulnerable to an authentication issue that could enable Azure account takeover. A vulnerability in the way Microsoft applications use OAuth for third-party ...

Federation is a model of identity management that distributes the various individual components of an identity operation amongst different actors. The presumption being that the jobs can be ...

Twitter officially disabled Basic authentication this week, the final step in the company’s transition to mandatory OAuth authentication. Sadly, Twitter’s extremely poor implementation of the OAuth ...