all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Salt Security: OAuth Implementation Flaw Could Lead to Account Takeover

Add to bookmarks
Oct. 25, 2023, 3:09 p.m. | Jeffrey Burt

Security Boulevard securityboulevard.com


Security flaws in the implementation of the OAuth authentication standard left hundreds of millions of users to at least three popular online sites exposed to possible account takeover by bad actors, according to researchers at Salt Security. The vulnerability resulting from how OAuth (Open Authorization) is integrated into web services platforms is the latest uncovered..


The post Salt Security: OAuth Implementation Flaw Could Lead to Account Takeover appeared first on Security Boulevard.

account account takeover authentication authorization bad bad actors cloud security cybersecurity data security exposed featured flaw flaws identity & access implementation mobile security network security noauth flaws oauth popular researchers salt salt security security security boulevard (original) security flaws services spotlight standard takeover threat intelligence vulnerabilities vulnerability web web services

Visit resource

More from securityboulevard.com / Security Boulevard

Fortinet Report Sees Faster Exploitations of New Vulnerabilities an hour ago | securityboulevard.com
analytics & intelligence apt cybersecurity devsecops +21
AT&T Spins Out Its Cybersecurity Business to Create LevelBlue an hour ago | securityboulevard.com
amp announcement att business +36
Germany Warns Russia: Hacking Will Have Consequences 2 hours ago | securityboulevard.com
actions analytics & intelligence annalena baerbock application security +50
Randall Munroe’s XKCD ‘Software Testing Day’ 3 hours ago | securityboulevard.com
humor randall munroe sarcasm satire +6
USENIX Security ’23 – Remote Code Execution from SSTI in the Sandbox: Automatically Detecting and … 5 hours ago | securityboulevard.com
access authors bugs code +22
Critical Risk Launches Critical Start Cyber Risk Register 6 hours ago | securityboulevard.com
analytics & intelligence challenges compliance critical +34
Identity, Credential Misconfigurations Open Worrying Security Gaps 7 hours ago | securityboulevard.com
active directory analytics & intelligence business cloud +35
Introducing Aembit Preview for Workload Discovery 7 hours ago | securityboulevard.com
access aembit can discovery +9
Embracing quantum readiness 7 hours ago | securityboulevard.com
assets computing cybersecurity cybersecurity impact +9

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Principal - Cyber Risk and Assurance - Infra/Network

@ GSK | Bengaluru Luxor North Tower
View on infosec-jobs.com

Staff Security Engineer

@ Airwallex | AU - Melbourne
View on infosec-jobs.com

Chief Information Security Officer

@ Australian Payments Plus | Sydney, New South Wales, Australia
View on infosec-jobs.com

TW Test Automation Engineer (Access Control & Intrusion Systems)

@ Bosch Group | Taipei, Taiwan
View on infosec-jobs.com

Consultant infrastructure sécurité H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

SOC Analyst

@ Wix | Tel Aviv, Israel
View on infosec-jobs.com
View more jobs