oauth

Google OAuth bug left accounts open to permanent compromise

‘GhostToken’ exposed users to data theft and more.

Richard Chirgwin Apr 24 2023 12:02PM Security

ID service Dex patches token-stealing bug

Attackers could access downstream apps.

Richard Chirgwin Oct 7 2022 12:51PM Security

Heroku hackers got account passwords via OAuth token theft

Hashed and salted user passwords exfiltrated.

Juha Saarinen May 6 2022 12:50PM Security

Heroku forces user password resets

API access tokens invalidated.

Juha Saarinen May 5 2022 6:55AM Security

Microsoft warns of large 'Upgrade' phishing campaign

Machine learning picks up on suspicious OAuth use by app.

Juha Saarinen Jan 22 2022 8:37AM Security

PayPal fixes app authentication token hijack flaw

Online payments processor didn't implement OAuth right.

Juha Saarinen Nov 29 2016 2:30PM Security

'Covert Redirect' vulnerability affects OAuth 2.0, OpenID

Hot on heels of Heartbleed.

Adam Greenberg May 5 2014 6:34AM Security

7000 Hootsuite users compromised via OAuth

Spam diet bad for health.

Danielle Walker Sep 11 2013 10:00AM Security

LinkedIn fixes OAuth flaw

Researcher sends heads up.

Darren Pauli Jul 23 2013 3:11PM Security

AusCERT2012: Locking down Mozilla's Web Apps

Top tips to boost web site security.

Darren Pauli May 18 2012 12:22PM Security

Code surety: Secure by design

Total security of applications is probably a pipe dream. However, starting a secure design framework today will markedly improve applications in the future, reports Deb Radcliff.

Deb Radcliff Mar 7 2012 5:34AM Security

Twitter to switch from basic access authentication to OAuth on its API

Gone by August 31.

SC Australia Staff Aug 24 2010 2:07PM Security

Woolworths' CSO is Optus-bound

Build once. Build right. The enduring power of Azure Landing Zones.

Lion builds an app to detect its beers on tap in venues

Tech giants' indirect emissions rose 150 percent in three years

icare signs $29m cloud renewal with AWS

oauth

Google OAuth bug left accounts open to permanent compromise

ID service Dex patches token-stealing bug

Heroku hackers got account passwords via OAuth token theft

Heroku forces user password resets

Microsoft warns of large 'Upgrade' phishing campaign

PayPal fixes app authentication token hijack flaw

'Covert Redirect' vulnerability affects OAuth 2.0, OpenID

7000 Hootsuite users compromised via OAuth

LinkedIn fixes OAuth flaw

AusCERT2012: Locking down Mozilla's Web Apps

Code surety: Secure by design

Twitter to switch from basic access authentication to OAuth on its API

Most popular tech stories

Coles merges digital and customer leadership

Digital Nation announces finalists for its inaugural Digital Nation Awards

Orica to set new workforce systems live in Australia in July

Westpac pilots AI to analyse inbound call content

Westpac hires CBA's data chief to lead AI, data and digital

Australian MSP Index launched

Ingram Micro Ushers in the Age of Ultra

Announcing Pipeline 2025 tickets, theme & initial speakers

Vic gov to spend $100m on cyber security

"Waiting until an incident is in progress is too late": MSPs urged to review ransomware response as new reporting rules commence

Blackberry celebrates "giant step forward"

The three steps to industrial IoT success

Axis Communications opens experience centre in Sydney tech hub

Perth IoT vendor Digital Matter names new chief executive

IoT Impact: Regional, national and global IoT providers coming to Sydney

Woolworths' CSO is Optus-bound

Build once. Build right. The enduring power of Azure Landing Zones.

Lion builds an app to detect its beers on tap in venues

Tech giants' indirect emissions rose 150 percent in three years

icare signs $29m cloud renewal with AWS

oauth

Google OAuth bug left accounts open to permanent compromise

ID service Dex patches token-stealing bug

Heroku hackers got account passwords via OAuth token theft

Heroku forces user password resets

Microsoft warns of large 'Upgrade' phishing campaign

PayPal fixes app authentication token hijack flaw

'Covert Redirect' vulnerability affects OAuth 2.0, OpenID

7000 Hootsuite users compromised via OAuth

LinkedIn fixes OAuth flaw

AusCERT2012: Locking down Mozilla's Web Apps

Code surety: Secure by design

Twitter to switch from basic access authentication to OAuth on its API

Most popular tech stories

Coles merges digital and customer leadership

Digital Nation announces finalists for its inaugural Digital Nation Awards

Orica to set new workforce systems live in Australia in July

Westpac pilots AI to analyse inbound call content

Westpac hires CBA's data chief to lead AI, data and digital

Australian MSP Index launched

Ingram Micro Ushers in the Age of Ultra

Announcing Pipeline 2025 tickets, theme & initial speakers

Vic gov to spend $100m on cyber security

"Waiting until an incident is in progress is too late": MSPs urged to review ransomware response as new reporting rules commence

Blackberry celebrates "giant step forward"

The three steps to industrial IoT success

Axis Communications opens experience centre in Sydney tech hub

Perth IoT vendor Digital Matter names new chief executive

IoT Impact: Regional, national and global IoT providers coming to Sydney

Log In