ROPC - So, you think you have MFA?
Oct. 20, 2022, 3 p.m.
Embrace The Red embracethered.com
The key takeaway: Always enforce MFA! Sounds easy, but there are often misconfigurations and unexpected exceptions. So, test your own AAD tenant for ROPC-based MFA bypass opportunities.
GitHub: https://github.com/wunderwuzzi23/ropci
What is ROPC?
Resource Owner Password Credentials (ROPC) is an OAuth2 authorization grant type (“flow”) defined in RFC 6749.