oauth

Google OAuth bug left accounts open to permanent compromise

‘GhostToken’ exposed users to data theft and more.

Richard Chirgwin Apr 24 2023 12:02PM Security

ID service Dex patches token-stealing bug

Attackers could access downstream apps.

Richard Chirgwin Oct 7 2022 12:51PM Security

Heroku hackers got account passwords via OAuth token theft

Hashed and salted user passwords exfiltrated.

Juha Saarinen May 6 2022 12:50PM Security

Heroku forces user password resets

API access tokens invalidated.

Juha Saarinen May 5 2022 6:55AM Security

Microsoft warns of large 'Upgrade' phishing campaign

Machine learning picks up on suspicious OAuth use by app.

Juha Saarinen Jan 22 2022 8:37AM Security

PayPal fixes app authentication token hijack flaw

Online payments processor didn't implement OAuth right.

Juha Saarinen Nov 29 2016 2:30PM Security

'Covert Redirect' vulnerability affects OAuth 2.0, OpenID

Hot on heels of Heartbleed.

Adam Greenberg May 5 2014 6:34AM Security

7000 Hootsuite users compromised via OAuth

Spam diet bad for health.

Danielle Walker Sep 11 2013 10:00AM Security

LinkedIn fixes OAuth flaw

Researcher sends heads up.

Darren Pauli Jul 23 2013 3:11PM Security

AusCERT2012: Locking down Mozilla's Web Apps

Top tips to boost web site security.

Darren Pauli May 18 2012 12:22PM Security

Code surety: Secure by design

Total security of applications is probably a pipe dream. However, starting a secure design framework today will markedly improve applications in the future, reports Deb Radcliff.

Deb Radcliff Mar 7 2012 5:34AM Security

Twitter to switch from basic access authentication to OAuth on its API

Gone by August 31.

SC Australia Staff Aug 24 2010 2:07PM Security

AWS outage caused by "unlikely interaction" between automated systems

ACMA rejects draft consumer code as calls to end self-regulation grow louder

Telstra finds firmware locked Samsung handsets to Vodafone for Triple-0 calls

Australia to sign UN 'surveillance treaty' in Vietnam

Vocus scores three new federal government contracts

oauth

Google OAuth bug left accounts open to permanent compromise

ID service Dex patches token-stealing bug

Heroku hackers got account passwords via OAuth token theft

Heroku forces user password resets

Microsoft warns of large 'Upgrade' phishing campaign

PayPal fixes app authentication token hijack flaw

'Covert Redirect' vulnerability affects OAuth 2.0, OpenID

7000 Hootsuite users compromised via OAuth

LinkedIn fixes OAuth flaw

AusCERT2012: Locking down Mozilla's Web Apps

Code surety: Secure by design

Twitter to switch from basic access authentication to OAuth on its API

Most popular tech stories

ASIC's payroll revamp helps it repatriate staff from ATO

Macquarie Bank's digital chief to join Westpac

IAG bolsters martech stack to drive customer engagement

Jemena builds out finance automation for its month-end processes

McPherson's creates AI agent for key account teams

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Photos: Australian industry explores data for net zero

Blackberry celebrates "giant step forward"

Govt launches consumer tech label program for smart devices

Melbourne reveals its smart city ambitions

2018 Australian IoT Awards: meet the finalists

AWS outage caused by "unlikely interaction" between automated systems

ACMA rejects draft consumer code as calls to end self-regulation grow louder

Telstra finds firmware locked Samsung handsets to Vodafone for Triple-0 calls

Australia to sign UN 'surveillance treaty' in Vietnam

Vocus scores three new federal government contracts

oauth

Google OAuth bug left accounts open to permanent compromise

ID service Dex patches token-stealing bug

Heroku hackers got account passwords via OAuth token theft

Heroku forces user password resets

Microsoft warns of large 'Upgrade' phishing campaign

PayPal fixes app authentication token hijack flaw

'Covert Redirect' vulnerability affects OAuth 2.0, OpenID

7000 Hootsuite users compromised via OAuth

LinkedIn fixes OAuth flaw

AusCERT2012: Locking down Mozilla's Web Apps

Code surety: Secure by design

Twitter to switch from basic access authentication to OAuth on its API

Most popular tech stories

ASIC's payroll revamp helps it repatriate staff from ATO

Macquarie Bank's digital chief to join Westpac

IAG bolsters martech stack to drive customer engagement

Jemena builds out finance automation for its month-end processes

McPherson's creates AI agent for key account teams

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Photos: Australian industry explores data for net zero

Blackberry celebrates "giant step forward"

Govt launches consumer tech label program for smart devices

Melbourne reveals its smart city ambitions

2018 Australian IoT Awards: meet the finalists

Log In