Threat Post

Microsoft OAuth Flaw Opens Azure Accounts to Takeover

Some Microsoft applications are vulnerable to an authentication issue that could enable Azure account takeover. A vulnerability in the way Microsoft applications use OAuth for third-party ...
Threat Post

Twitter OAuth API Keys Leaked

The OAuth keys and secrets that official Twitter applications use to access users’ Twitter accounts have been leaked in a post to Github this morning. The OAuth keys and secrets that official Twitter ...
CSOonline

What is OAuth? How the open authorization framework works

Since the beginning of distributed personal computer networks, one of the toughest computer security nuts to crack has been to provide a seamless, single sign-on (SSO) access experience among multiple ...
InfoWorld

Implement HTTP authentication in Web API

We wouldn’t consider Windows authentication as a feasible strategy as you cannot expose your service over the Internet if you leverage Windows authentication. Forms authentication uses the ASP.Net ...
Forbes

Security Warning For Facebook Users Who Login With Gmail OAuth Code

How do you sign into services? Because a newly disclosed Facebook exploit might change how you go about it in future... In an eye-opening blog post, security researcher Youssef Sammouda has revealed ...
9to5google

Google disabling third-party OAuth app logins from web-views over the next year

Using a login party like Google, Twitter, or Facebook is much more convenient than remembering a username and password for individual services. To improve security for this type of sign-in, Google is ...