+44 (0)203 88 020 88

Menu

Search

Author name: Ian Reynolds

Oauth attack against Office365

A novel attack vector has been seen in the wild: using OAuth permissions to compromise Office365 Accounts Reported by anti-phishing security firm PhishLabs, the new attack leverages the persistent permissions of OAuth authentication to get access to the target Office365 accounts without ever compromising the login credentials. The attack starts with a phishing email which

Oauth attack against Office365 Read More »

Critical Oracle EBS vulnerabilities remain unpatched

Flaws in the Oracle Thin Client Framework API used in the General Ledger and Work in Progress modules of Oracle EBS leave thousands of firms vulnerable to financial fraud. Specialist Oracle security firm Onapsis has released a summary of exploits based on these vulnerabilities which they name Payday. One proof of concept demonstration shows how an

Critical Oracle EBS vulnerabilities remain unpatched Read More »

0

No products in the basket.

No products in the basket.