Oauth Archives - Securezoo

Microsoft disables Basic authentication in Exchange Online to fight password spray attacks

Authentication, Cybersecurity Attacks, Messaging Security / Frank Crast / October 7, 2022 / authentication, basic auth, EAS, EWS, Exchange, Exchange Online, IMAP, Microsoft, Oauth, OAuth 2.0, Outlook, POP, RPS, SMTP

Microsoft has disabled Basic authentication in Exchange Online tenants to help fight against password spray attacks. Attackers are stepping up attacks in anticipation, Microsoft warns.

Microsoft disables Basic authentication in Exchange Online to fight password spray attacks Read More »

Threat actor deploys malicious OAuth apps on compromised cloud tenants to spread spam

Access Control, Authentication, Cloud Security, Cybersecurity Attacks, Messaging Security / Frank Crast / September 25, 2022 / AAD, Cloud, MFA, Microsoft, Oauth

Microsoft has been monitoring a threat actor deploying malicious OAuth apps on compromised cloud tenants to spread spam.

Threat actor deploys malicious OAuth apps on compromised cloud tenants to spread spam Read More »

GitLab issues security update for Critical hard-coded password vulnerability (CVE-2022-1162)

Application Security, Password Management, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / April 2, 2022 / CVE-2022-1162, GitLab, LDAP, Oauth, OmniAuth, passwords

GitLab has issued a security update to address a Critical vulnerability CVE-2022-1162 where static passwords were inadvertently set during OmniAuth-based registration.

GitLab issues security update for Critical hard-coded password vulnerability (CVE-2022-1162) Read More »

Major data breach at Zomato

Application Security, Data Breach, Data Privacy / Frank Crast / May 18, 2017 / Data Breach, Oauth, Password, Zomato

A major security breach of restaurant search website Zomato exposed personal information on 17 million users’ to include emails, names and passwords were stolen by hackers.

Major data breach at Zomato Read More »