Security News > 2018 > June > Phishing Defense: Block OAuth Token Attacks

2018-06-21 10:03
But OAuth Attack Defense Remains Tricky, Warns FireEye's Douglas BienstockJust one click: That's all it takes for a victim to inadvertently grant attackers access to their email account via a third-party application. Here's how to spot signs of OAuth-related hacking and how to defend against it.
News URL
https://www.inforisktoday.com/phishing-defense-block-oauth-token-attacks-a-11117
Related news
- Ukrainian military targeted in new Signal spear-phishing attacks (source)
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- Case Study: Are CSRF Tokens Sufficient in Preventing CSRF Attacks? (source)
- Recent GitHub supply chain attack traced to leaked SpotBugs token (source)
- SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack (source)
- That massive GitHub supply chain attack? It all started with a stolen SpotBugs token (source)
- iOS devices face twice the phishing attacks of Android (source)
- 41% of Attacks Bypass Defenses: Adversarial Exposure Validation Fixes That (source)
- Windows NTLM hash leak flaw exploited in phishing attacks on governments (source)
- Phishers abuse Google OAuth to spoof Google in DKIM replay attack (source)