OAuth is a great way to sidestep the dilemma of having to hand over passwords to third party sites and apps to access user data. This is the primary reason the authentication method is fast becoming a ...

Attackers are increasingly using malicious OAuth 2.0 applications to siphon data and access sensitive information from a wide variety of cloud platforms, and mitigating the risks is proving ...

Google today unveiled a new G Suite security feature to improve data access controls and enhance phishing prevention: OAuth apps whitelisting. The feature is designed to help companies control how ...

Google announced Monday that it has embraced OAuth for Google Apps, replacing a less secure system for developers. "Until today, Google Apps administrators had to sign requests for calls to Google ...

A phishing campaign has been discovered that doesn't target a recipient's username and password, but rather uses the novel approach of gaining access to a recipient's Office 365 account and its data ...

A recent UNC6395 Salesloft Drift breach reveals Salesforce SaaS risks. Learn how to simplify breach detection, prevention, ...

The Russian hacking group blamed for targeting U.S. and European elections has been breaking into email accounts, not only by tricking victims into giving up passwords, but by stealing access tokens ...

Application-based attacks that use the passwordless “log in with…” feature common to cloud services are on the rise. Against the backdrop of widespread remote working and the increased use of ...

It came across my Twitter feed in the early morning, a sea of users all sending the same message: “Want to know whos stalking you on twitter!?: http://TwitViewer ...

Attackers are targeting Microsoft Office 365 users with a Coinbase-themed attack, aiming to take control of their inboxes via OAuth. Office 365 users are receiving emails purporting to come from ...