Tag: oauth
Breaking News
Microsoft Targeted by Hackers in Phishing Campaign
Tyler Cross Published on: February 2, 2023 Microsoft was recently targeted by threat actors who abused the Oauth...
Phishers Trick Microsoft Into Granting Them ‘Verified’ Cloud Partner Status
Late last year, a group of threat actors managed to obtain "verified publisher" status through the Microsoft Cloud Partner Program (MCPP). This allowed them to...
SaaS RootKit Exploits Hidden Rules in Microsoft 365
Microsoft is a primary target for threat actors, who scour Microsoft applications for weaknesses. Our security research team at Adaptive Shield recently discovered a...
Use CircleCI? Here Are 3 Steps You Need to Take
As CircleCI continues to investigate the security incident affecting its continuous integration and continuous delivery (CI/CD) platform, enterprise defenders should also be hunting for...
CircleCI: Rotate Stored Secrets ASAP
DevOps platform CircleCI is warning users of its continuous integration and deployment (CI/CD) to "immediately" rotate all secrets — think passwords, API keys, SSH...
Announcing the updated Salesforce connector (V2) for Amazon Kendra
Amazon Kendra is a highly accurate and simple-to-use intelligent search service powered by machine learning (ML). Amazon Kendra offers a suite of data source...
Announcing the updated ServiceNow connector (V2) for Amazon Kendra
Amazon Kendra is a highly accurate and simple-to-use intelligent search service powered by machine learning (ML). Amazon Kendra offers a suite of data source...
GitHub Expands Secret Scanning, 2FA Across Platform
GitHub is making secrets scanning available for all public repositories and requiring all developers to enable two-factor authentication for their accounts. The secrets scanning...
Serious Security: OAuth 2 and why Microsoft is finally forcing you into it
by
Paul Ducklin
Naked Security meets Sophos X-Ops! (Read or listen according to your preference.)
We dig into OAuth 2.0, a well-known protocol for authorization.
Microsoft calls...
GitHub issues final report on supply-chain source code intrusions
by
Paul Ducklin
Early in April 2022, news broke that various users of Microsoft’s GitHub platform had suffered unauthorised access to their private source code.
GitHib has...
FacexWorm a Malicious Chrome Extension Now Found on Facebook
Reading Time: 4 minutesDo you use Facebook Messenger? Do you use Chrome on your desktop? Do you also use Bitcoin and have...