all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Booking.com's OAuth Implementation Allows Full Account Takeover

Add to bookmarks
March 2, 2023, 4:16 p.m. | Elizabeth Montalbano, Contributor, Dark Reading

Dark Reading www.darkreading.com

Researchers exploited issues in the authentication protocol to force an open redirection from the popular hotel reservations site when users used Facebook to log in to accounts.

account accounts account takeover authentication booking booking.com exploited facebook hotel log oauth popular protocol researchers takeover

Visit resource

More from www.darkreading.com / Dark Reading

The Role of the CISO in Digital Transformation 5 months ago | www.darkreading.com
ciso cloud cloud migration controls +15
Cyber Threats to Watch Out for in 2024 5 months ago | www.darkreading.com
capabilities cloud cyber cyber threats +19
CISA, NCSC Offer a Road Map, Not Rules, in New Secure AI Guidelines 5 months ago | www.darkreading.com
build cisa companies down +7
Ardent Health Hospitals Disrupted After Ransomware Attack 5 months ago | www.darkreading.com
ardent attack breach care +7
General Electric, DARPA Hack Claims Raise National Security Concerns 5 months ago | www.darkreading.com
access ai research claims classified +19
Hamas-Linked APT Wields New SysJoker Backdoor Against Israel 5 months ago | www.darkreading.com
apt backdoor cybergang gaza +10
Data De-Identification: Balancing Privacy, Efficacy & Cybersecurity 5 months ago | www.darkreading.com
breaches business companies consumer +13
Balancing Simplicity and Security in the Digital Experience 5 months ago | www.darkreading.com
businesses consumer data digital +9
Hack The Box Launches 5th Annual University CTF Competition 5 months, 1 week ago | www.darkreading.com
box competition ctf hack +2

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Specialist

@ Nestlé | St. Louis, MO, US, 63164
View on infosec-jobs.com

Cybersecurity Analyst

@ Dana Incorporated | Pune, MH, IN, 411057
View on infosec-jobs.com

Sr. Application Security Engineer

@ CyberCube | United States
View on infosec-jobs.com

Linux DevSecOps Administrator (Remote)

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com

Cyber Security Intern or Co-op

@ Langan | Parsippany, NJ, US, 07054-2172
View on infosec-jobs.com

Security Advocate - Application Security

@ Datadog | New York, USA, Remote
View on infosec-jobs.com
View more jobs