CSOonline

Booking.com account takeover flaw shows possible pitfalls in OAuth implementations

Booking.com, one of the world’s largest online travel agencies, recently patched a vulnerability in its implementation of the OAuth protocol that could have allowed attackers to gain access to ...
https//fedtechmagazine.com

Federated Identity Management: SAML vs OAuth for Agencies

As identity and access management and single sign-on become more prevalent across government, IT pros should catch up on the differences between different security protocols. In April 2018, the Office ...
Android

Google’s OAuth flaw is potentially exposing millions of accounts

Researchers have discovered a flaw in Google’s OAuth system that could allow attackers to access potentially sensitive data from former employee accounts at defunct startups. Google’s OAuth is the ...
Dark Reading

OAuth Abuse: The Threat of Illicit Consent Grants

Picture this: You invite a new friend over with the expectation of enjoying some time together and getting to know them better. But, instead of sitting quietly on your sofa, they rush off and start ...