Security researchers at Calif.-based Proofpoint have uncovered a large-scale account takeover campaign aimed at Microsoft Entra ID environments. The attackers are using TeamFiltration, an open source ...
Heroku has explained why it emailed users with a sudden password reset warning earlier this week, and how it was due to the theft of OAuth tokens from GitHub. "[Our investigation] revealed that the ...
Attackers gain read-only permissions to snoop around Office 365 accounts, including emails, contacts and more. An APT known as TA2552 has been spotted using OAuth2 or other token-based authorization ...
Heroku has alerted a "subset" of its users that it is going to reset their passwords on May 4 unless they change passwords beforehand. In resetting the password, the company is warning that existing ...
GitHub has revealed that dozens of organizations were compromised by a data thief that used stolen OAuth tokens to access their private repositories. The developer platform’s security team opened an ...
Salesloft breach shows how OAuth tokens abused by trusted apps enable data exposure, underscoring the need for Zero Trust and ...
Salesforce subsidiary Heroku on Thursday said that the threat actor that stole Heroku GitHub integration OAuth tokens in April also accessed an internal database containing hashed and salted passwords ...
Salesforce platform-as-a-service provider Heroku has revealed that the April hack, which saw OAuth tokens for Microsoft Github integration downloaded by a threat actor, went further than initally ...
Turns out your biggest breach risk might come from a vendor’s acquisition — and an old OAuth token you didn’t even know existed. The recent SalesLoft Drift breaches revealed an uncomfortable truth ...
Results that may be inaccessible to you are currently showing.
Hide inaccessible results
Feedback