Google OAuth and phantom accounts
Google OAuth allows to create phantom Google accounts — uncontrollable by corporate Google Workspace administrators.
666 articles
Google OAuth allows to create phantom Google accounts — uncontrollable by corporate Google Workspace administrators.
Single sign-on is supposed to enhance corporate security, but it’s essential that cloud vendors have the information security team’s back.
What’s the principle of least privilege, why’s it needed, and how does it help secure corporate information assets?
Detailed analysis of Operation Triangulation, the most sophisticated attack our experts have ever seen, presented at 37C3 conference.
A serious vulnerability in UEFI firmware relevant to a large number of modern computers, and even servers.
Attackers are hijacking hotel accounts on Booking.com, and stealing their clients’ banking data through its internal messaging system.
Researchers used a hardware hack to bypass Windows Hello biometric authentication on three different devices. Can you trust this login method?
During the pre-holiday period, attackers are sending invoices to companies for the delivery of non-existent documents.
Methods used by attackers to redirect victims to malicious and phishing sites from seemingly safe URLs.
Cybercriminals send the Remcos remote-access trojan under the guise of letters from a new client.
Typical security issues of WordPress, and how they can be addressed to protect your website or online store from cybercriminals.
Espionage operations to hack corporate routers are now commonplace — and all organizations need to be aware of this.
How a recently discovered bug in Intel processors threatens cloud providers.
How attackers use infected archives and malicious browser extensions to steal Facebook Business accounts.
We discuss what zero-click attacks are, why they’re dangerous, and how to protect your company from them.
Four handy ways to lock your screen on Windows and macOS.
Mistakes commonly found in almost every large organization. What should the inforsec team look out for, and what protective measures should they take?
We explore some common misconceptions about the development and application of Cyber Immune products based on KasperskyOS.
Four major studies presented by our experts at the SAS 2023 international conference.
It’s time to update Confluence Data Center and Confluence Server: they contain a serious vulnerability that allows unauthorized creation of administrator accounts.
How and why did American researchers try to extract sound from a video signal, and was it worth it?