digitalcourage.social

Inautilo<a href="https://mastodon.social/tags/Development" class="mention hashtag" rel="nofollow noopener" target="_blank">#Development</a> <a href="https://mastodon.social/tags/Guides" class="mention hashtag" rel="nofollow noopener" target="_blank">#Guides</a> An illustrated guide to OAuth · How delegated access works behind the scenes <a href="https://ilo.im/166dtf" rel="nofollow noopener" translate="no" target="_blank">https://ilo.im/166dtf</a>_____ <a href="https://mastodon.social/tags/Authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#Authorization</a> <a href="https://mastodon.social/tags/Authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#Authentication</a> <a href="https://mastodon.social/tags/OAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#OAuth</a> <a href="https://mastodon.social/tags/ClientServer" class="mention hashtag" rel="nofollow noopener" target="_blank">#ClientServer</a> <a href="https://mastodon.social/tags/ThirdParty" class="mention hashtag" rel="nofollow noopener" target="_blank">#ThirdParty</a> <a href="https://mastodon.social/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://mastodon.social/tags/WebDev" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebDev</a> <a href="https://mastodon.social/tags/Frontend" class="mention hashtag" rel="nofollow noopener" target="_blank">#Frontend</a> <a href="https://mastodon.social/tags/Backend" class="mention hashtag" rel="nofollow noopener" target="_blank">#Backend</a>

Alvin Ashcraft 🐿️MCP Gets OAuth: Understanding the New Authorization Specification | MCP Dev Days.<a href="https://www.youtube.com/watch?v=EXxIeOfJsqA" rel="nofollow noopener" translate="no" target="_blank">https://www.youtube.com/watch?v=EXxIeOfJsqA</a> <a href="https://hachyderm.io/tags/mcp" class="mention hashtag" rel="nofollow noopener" target="_blank">#mcp</a> <a href="https://hachyderm.io/tags/ai" class="mention hashtag" rel="nofollow noopener" target="_blank">#ai</a> <a href="https://hachyderm.io/tags/oauth" class="mention hashtag" rel="nofollow noopener" target="_blank">#oauth</a> <a href="https://hachyderm.io/tags/authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#authorization</a> <a href="https://hachyderm.io/tags/modelcontextprotocol" class="mention hashtag" rel="nofollow noopener" target="_blank">#modelcontextprotocol</a> <a href="https://hachyderm.io/tags/aiagents" class="mention hashtag" rel="nofollow noopener" target="_blank">#aiagents</a>

Alvin Ashcraft 🐿️OAuth 2.0 Access Tokens and the Principle of Least Privilege | by Andrea Chiarelli.<a href="https://auth0.com/blog/oauth2-access-tokens-and-principle-of-least-privilege/" rel="nofollow noopener" translate="no" target="_blank">https://auth0.com/blog/oauth2-access-tokens-and-principle-of-least-privilege/</a> <a href="https://hachyderm.io/tags/authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#authorization</a> <a href="https://hachyderm.io/tags/oauth" class="mention hashtag" rel="nofollow noopener" target="_blank">#oauth</a> <a href="https://hachyderm.io/tags/auth0" class="mention hashtag" rel="nofollow noopener" target="_blank">#auth0</a>

BillHere's a new-to-me password spray tool that looks a hell of a lot more functional that Burp Intruder.<a href="https://github.com/blacklanternsecurity/TREVORspray" rel="nofollow noopener" translate="no" target="_blank">https://github.com/blacklanternsecurity/TREVORspray</a><a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#pentest</a> <a href="https://infosec.exchange/tags/authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#authorization</a>

Serge from BabkaAnother approach would be if Alice could generate multiple Passkeys and hand them out to individuals she trusts, and then retaining the ability to revoke them. Sadly many sites don't yet support Passkeys, and this model still lets someone like Mal revoke Alice's access, so that's not great.Bitwarden has a feature whereby Alice can share a password with Eve but not let her see it or export it. This could work pretty well, except that if the site requires 2FA from a SMS text message (vs TOTP or a token) or if Eve has the knowhow to intercept the password.I still think that what we ultimately want is attenuated scopes because then we can track all actions by the delegated party.I do wonder if this need is niche or if the current solution of "good faith password sharing" works well enough often enough that it's not risen to the level of concern for developers.2/2<a href="https://babka.social/tags/Authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#Authentication</a> <a href="https://babka.social/tags/Authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#Authorization</a> <a href="https://babka.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#InfoSec</a> <a href="https://babka.social/tags/Passwords" class="mention hashtag" rel="nofollow noopener" target="_blank">#Passwords</a> <a href="https://babka.social/tags/Passwordless" class="mention hashtag" rel="nofollow noopener" target="_blank">#Passwordless</a> <a href="https://babka.social/tags/Programming" class="mention hashtag" rel="nofollow noopener" target="_blank">#Programming</a>

Serge from BabkaI've been thinking about delegated authority on websites lately.It would be convenient if I could delegate certain functions to people, for example allowing someone like my accountant to have access to some of my financial records.Some organizations make this easy, allowing me to have multiple accounts.Other services don't offer this, nor do they offer any kind of OAuth type of delegated authorization or capabilities model.I've been thinking about ways around this.One very wacky way would be if Alice could have a a "special browser" that would tie into some service she runs. Bob would log in with his credentials and then behind the scenes the application logs in as Alice.This would be very complicated to implement though.1/<a href="https://babka.social/tags/Authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#Authentication</a> <a href="https://babka.social/tags/Authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#Authorization</a> <a href="https://babka.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#InfoSec</a> <a href="https://babka.social/tags/Passwords" class="mention hashtag" rel="nofollow noopener" target="_blank">#Passwords</a> <a href="https://babka.social/tags/Passwordless" class="mention hashtag" rel="nofollow noopener" target="_blank">#Passwordless</a> <a href="https://babka.social/tags/Programming" class="mention hashtag" rel="nofollow noopener" target="_blank">#Programming</a>

Alvin Ashcraft 🐿️Please Don't Write Your Own MCP Authorization Code | by Den Delimarsky.<a href="https://den.dev/blog/mcp-prm-auth/" rel="nofollow noopener" translate="no" target="_blank">https://den.dev/blog/mcp-prm-auth/</a> <a href="https://hachyderm.io/tags/ai" class="mention hashtag" rel="nofollow noopener" target="_blank">#ai</a> <a href="https://hachyderm.io/tags/mcp" class="mention hashtag" rel="nofollow noopener" target="_blank">#mcp</a> <a href="https://hachyderm.io/tags/authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#authorization</a> <a href="https://hachyderm.io/tags/modelcontextprotocol" class="mention hashtag" rel="nofollow noopener" target="_blank">#modelcontextprotocol</a> <a href="https://hachyderm.io/tags/aiagents" class="mention hashtag" rel="nofollow noopener" target="_blank">#aiagents</a>

beSpacificTrump’s effort, combined thrust of his other <a href="https://newsie.social/tags/constitutional" class="mention hashtag" rel="nofollow noopener" target="_blank">#constitutional</a> transgressions, uniquely dangerous. No indication he gave any thought to seeking <a href="https://newsie.social/tags/congressional" class="mention hashtag" rel="nofollow noopener" target="_blank">#congressional</a> <a href="https://newsie.social/tags/authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#authorization</a>. As self-concerned, immature a commander-in-chief as country has had, he likely acted, as always, out of crass self-interest. <a href="https://newsie.social/tags/Israel" class="mention hashtag" rel="nofollow noopener" target="_blank">#Israel</a> surprisingly successful <a href="https://newsie.social/tags/bombardment" class="mention hashtag" rel="nofollow noopener" target="_blank">#bombardment</a> of last week put him in position to be a winner by finishing off the job—very possibly the only thing that was in his <a href="https://newsie.social/tags/lizard" class="mention hashtag" rel="nofollow noopener" target="_blank">#lizard</a> <a href="https://newsie.social/tags/brain" class="mention hashtag" rel="nofollow noopener" target="_blank">#brain</a>. <a href="https://harrylitman.substack.com/p/trumps-strike-on-iran-and-the-constitution" rel="nofollow noopener" translate="no" target="_blank">https://harrylitman.substack.com/p/trumps-strike-on-iran-and-the-constitution</a>

beSpacific<a href="https://newsie.social/tags/Trump" class="mention hashtag" rel="nofollow noopener" target="_blank">#Trump</a> faces <a href="https://newsie.social/tags/bipartisan" class="mention hashtag" rel="nofollow noopener" target="_blank">#bipartisan</a> blowback in <a href="https://newsie.social/tags/Congress" class="mention hashtag" rel="nofollow noopener" target="_blank">#Congress</a> on <a href="https://newsie.social/tags/Iran" class="mention hashtag" rel="nofollow noopener" target="_blank">#Iran</a> strikes Why it matters: While most <a href="https://newsie.social/tags/congressional" class="mention hashtag" rel="nofollow noopener" target="_blank">#congressional</a> <a href="https://newsie.social/tags/Republicans" class="mention hashtag" rel="nofollow noopener" target="_blank">#Republicans</a> some pro-Israel <a href="https://newsie.social/tags/Democrats" class="mention hashtag" rel="nofollow noopener" target="_blank">#Democrats</a> are praising President Trump's strikes on <a href="https://newsie.social/tags/Iranian" class="mention hashtag" rel="nofollow noopener" target="_blank">#Iranian</a> <a href="https://newsie.social/tags/nuclear" class="mention hashtag" rel="nofollow noopener" target="_blank">#nuclear</a> facilities, pockets of <a href="https://newsie.social/tags/opposition" class="mention hashtag" rel="nofollow noopener" target="_blank">#opposition</a> are already emerging over whether he needed congressional <a href="https://newsie.social/tags/authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#authorization</a> for such a <a href="https://newsie.social/tags/provocative" class="mention hashtag" rel="nofollow noopener" target="_blank">#provocative</a> use of <a href="https://newsie.social/tags/military" class="mention hashtag" rel="nofollow noopener" target="_blank">#military</a> <a href="https://newsie.social/tags/force" class="mention hashtag" rel="nofollow noopener" target="_blank">#force</a>. Yes, he did need Congressional <a href="https://newsie.social/tags/authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#authorization</a>..why is there even a question. <a href="https://newsie.social/tags/warpowers" class="mention hashtag" rel="nofollow noopener" target="_blank">#warpowers</a> <a href="https://newsie.social/tags/foreign" class="mention hashtag" rel="nofollow noopener" target="_blank">#foreign</a> <a href="https://newsie.social/tags/policy" class="mention hashtag" rel="nofollow noopener" target="_blank">#policy</a> <a href="https://newsie.social/tags/retaliation" class="mention hashtag" rel="nofollow noopener" target="_blank">#retaliation</a> <a href="https://newsie.social/tags/democracy" class="mention hashtag" rel="nofollow noopener" target="_blank">#democracy</a> <a href="https://newsie.social/tags/war" class="mention hashtag" rel="nofollow noopener" target="_blank">#war</a>

beSpacificVial military.com - Guard troops unpaid and in limbo: Over 4,000 <a href="https://newsie.social/tags/California" class="mention hashtag" rel="nofollow noopener" target="_blank">#California</a> <a href="https://newsie.social/tags/NationalGuard" class="mention hashtag" rel="nofollow noopener" target="_blank">#NationalGuard</a> <a href="https://newsie.social/tags/soldiers" class="mention hashtag" rel="nofollow noopener" target="_blank">#soldiers</a> deployed to <a href="https://newsie.social/tags/LosAngeles" class="mention hashtag" rel="nofollow noopener" target="_blank">#LosAngeles</a> remain unpaid due to delays in official activation orders, leaving their pay, benefits, and legal status uncertain. <a href="https://newsie.social/tags/authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#authorization</a> <a href="https://newsie.social/tags/orders" class="mention hashtag" rel="nofollow noopener" target="_blank">#orders</a> <a href="https://newsie.social/tags/pentagon" class="mention hashtag" rel="nofollow noopener" target="_blank">#pentagon</a> <a href="https://newsie.social/tags/DHS" class="mention hashtag" rel="nofollow noopener" target="_blank">#DHS</a> <a href="https://newsie.social/tags/immigration" class="mention hashtag" rel="nofollow noopener" target="_blank">#immigration</a> <a href="https://newsie.social/tags/civilliberties" class="mention hashtag" rel="nofollow noopener" target="_blank">#civilliberties</a> <a href="https://newsie.social/tags/logistics" class="mention hashtag" rel="nofollow noopener" target="_blank">#logistics</a> <a href="https://newsie.social/tags/hegseth" class="mention hashtag" rel="nofollow noopener" target="_blank">#hegseth</a> Poor planning & conditions: Troops report chaotic logistics w some sleeping outdoors on cots, facing inconsistent access to <a href="https://newsie.social/tags/food" class="mention hashtag" rel="nofollow noopener" target="_blank">#food</a>, <a href="https://newsie.social/tags/fuel" class="mention hashtag" rel="nofollow noopener" target="_blank">#fuel</a>, hastily organized <a href="https://newsie.social/tags/mission" class="mention hashtag" rel="nofollow noopener" target="_blank">#mission</a> <a href="https://newsie.social/tags/trump" class="mention hashtag" rel="nofollow noopener" target="_blank">#trump</a>

Who Let The Dogs Out 🐾<a href="https://mastodon.ml/tags/android" class="mention hashtag" rel="nofollow noopener" target="_blank">#android</a> <a href="https://mastodon.ml/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#opensource</a> <a href="https://mastodon.ml/tags/foss" class="mention hashtag" rel="nofollow noopener" target="_blank">#foss</a> <a href="https://mastodon.ml/tags/authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#authentication</a> <a href="https://mastodon.ml/tags/authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#authorization</a> <a href="https://mastodon.ml/tags/sso" class="mention hashtag" rel="nofollow noopener" target="_blank">#sso</a> <a href="https://mastodon.ml/tags/iam" class="mention hashtag" rel="nofollow noopener" target="_blank">#iam</a>GitHub - casbin/awesome-auth: 📊 Software and Libraries for Authentication & Authorization & SSO & IAM<a href="https://github.com/casbin/awesome-auth" rel="nofollow noopener" translate="no" target="_blank">https://github.com/casbin/awesome-auth</a>

Pyrzout :vm:Best Practices for User Authentication and Authorization in Web Applications: A Comprehensive Security Framework – Source: securityboulevard.com <a href="https://ciso2ciso.com/best-practices-for-user-authentication-and-authorization-in-web-applications-a-comprehensive-security-framework-source-securityboulevard-com/" rel="nofollow noopener" translate="no" target="_blank">https://ciso2ciso.com/best-practices-for-user-authentication-and-authorization-in-web-applications-a-comprehensive-security-framework-source-securityboulevard-com/</a> <a href="https://social.skynetcloud.site/tags/rssfeedpostgeneratorecho" class="mention hashtag" rel="nofollow noopener" target="_blank">#rssfeedpostgeneratorecho</a> <a href="https://social.skynetcloud.site/tags/SecurityBloggersNetwork" class="mention hashtag" rel="nofollow noopener" target="_blank">#SecurityBloggersNetwork</a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurityNews</a> <a href="https://social.skynetcloud.site/tags/SecurityBoulevard" class="mention hashtag" rel="nofollow noopener" target="_blank">#SecurityBoulevard</a> <a href="https://social.skynetcloud.site/tags/DigitalIdentity" class="mention hashtag" rel="nofollow noopener" target="_blank">#DigitalIdentity</a> <a href="https://social.skynetcloud.site/tags/Identity" class="mention hashtag" rel="nofollow noopener" target="_blank">#Identity</a>&Access <a href="https://social.skynetcloud.site/tags/authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#authentication</a> <a href="https://social.skynetcloud.site/tags/infrastructure" class="mention hashtag" rel="nofollow noopener" target="_blank">#infrastructure</a> <a href="https://social.skynetcloud.site/tags/authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#authorization</a> <a href="https://social.skynetcloud.site/tags/BestPractices" class="mention hashtag" rel="nofollow noopener" target="_blank">#BestPractices</a> <a href="https://social.skynetcloud.site/tags/CIAM" class="mention hashtag" rel="nofollow noopener" target="_blank">#CIAM</a>

CybernewsHackers can craft a request, send it to the Asus router, and execute functions without authorization.<a href="https://infosec.exchange/tags/hack" class="mention hashtag" rel="nofollow noopener" target="_blank">#hack</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/Asus" class="mention hashtag" rel="nofollow noopener" target="_blank">#Asus</a> <a href="https://infosec.exchange/tags/authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#authorization</a> <a href="https://cnews.link/asus-routers-affected-by-critical-vulnerability-1/" rel="nofollow noopener" translate="no" target="_blank">https://cnews.link/asus-routers-affected-by-critical-vulnerability-1/</a>

Alvin Ashcraft 🐿️An Introduction to MCP and Authorization | Auth0.<a href="https://auth0.com/blog/an-introduction-to-mcp-and-authorization/" rel="nofollow noopener" translate="no" target="_blank">https://auth0.com/blog/an-introduction-to-mcp-and-authorization/</a> <a href="https://hachyderm.io/tags/ai" class="mention hashtag" rel="nofollow noopener" target="_blank">#ai</a> <a href="https://hachyderm.io/tags/mcp" class="mention hashtag" rel="nofollow noopener" target="_blank">#mcp</a> <a href="https://hachyderm.io/tags/authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#authorization</a> <a href="https://hachyderm.io/tags/aimodels" class="mention hashtag" rel="nofollow noopener" target="_blank">#aimodels</a>

Pyrzout :vm:Next.js Middleware Flaw Lets Attackers Bypass Authorization <a href="https://hackread.com/next-js-middleware-flaw-bypass-authorization/" rel="nofollow noopener" translate="no" target="_blank">https://hackread.com/next-js-middleware-flaw-bypass-authorization/</a> <a href="https://social.skynetcloud.site/tags/Authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#Authorization</a> <a href="https://social.skynetcloud.site/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#Vulnerability</a> <a href="https://social.skynetcloud.site/tags/Middleware" class="mention hashtag" rel="nofollow noopener" target="_blank">#Middleware</a> <a href="https://social.skynetcloud.site/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://social.skynetcloud.site/tags/Nextjs" class="mention hashtag" rel="nofollow noopener" target="_blank">#Nextjs</a> <a href="https://social.skynetcloud.site/tags/React" class="mention hashtag" rel="nofollow noopener" target="_blank">#React</a>

Pyrzout :vm:Next.js Middleware Flaw Lets Attackers Bypass Authorization – Source:hackread.com <a href="https://ciso2ciso.com/next-js-middleware-flaw-lets-attackers-bypass-authorization-sourcehackread-com/" rel="nofollow noopener" translate="no" target="_blank">https://ciso2ciso.com/next-js-middleware-flaw-lets-attackers-bypass-authorization-sourcehackread-com/</a> <a href="https://social.skynetcloud.site/tags/1CyberSecurityNewsPost" class="mention hashtag" rel="nofollow noopener" target="_blank">#1CyberSecurityNewsPost</a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurityNews</a> <a href="https://social.skynetcloud.site/tags/Authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#Authorization</a> <a href="https://social.skynetcloud.site/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#Vulnerability</a> <a href="https://social.skynetcloud.site/tags/Middleware" class="mention hashtag" rel="nofollow noopener" target="_blank">#Middleware</a> <a href="https://social.skynetcloud.site/tags/Hackread" class="mention hashtag" rel="nofollow noopener" target="_blank">#Hackread</a> <a href="https://social.skynetcloud.site/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://social.skynetcloud.site/tags/Nextjs" class="mention hashtag" rel="nofollow noopener" target="_blank">#Nextjs</a> <a href="https://social.skynetcloud.site/tags/React" class="mention hashtag" rel="nofollow noopener" target="_blank">#React</a>

Kevin Karhan :verified:<a href="https://cyberplace.social/@GossiTheDog" class="u-url mention" rel="nofollow noopener" target="_blank">@GossiTheDog</a> the sheer fact that <a href="https://infosec.space/tags/MSPs" class="mention hashtag" rel="nofollow noopener" target="_blank">#MSPs</a> & <a href="https://infosec.space/tags/CSPs" class="mention hashtag" rel="nofollow noopener" target="_blank">#CSPs</a> can access clients' setups without proper <a href="https://infosec.space/tags/authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#authorization</a> [including <a href="https://infosec.space/tags/KYC" class="mention hashtag" rel="nofollow noopener" target="_blank">#KYC</a> / <a href="https://infosec.space/tags/KYB" class="mention hashtag" rel="nofollow noopener" target="_blank">#KYB</a>, <a href="https://infosec.space/tags/AuthCode" class="mention hashtag" rel="nofollow noopener" target="_blank">#AuthCode</a>|s and proper authorization via contract] is already sickening.<ul><li><a href="https://cyberplace.social/@GossiTheDog/114104955818018205" rel="nofollow noopener" target="_blank">This</a> literally begs to be abused via <a href="https://infosec.space/tags/SocialEngineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#SocialEngineering</a> / <a href="https://infosec.space/tags/SocialHacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#SocialHacking</a> of <a href="https://infosec.space/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#Microsoft</a> personnel or just blatant "<a href="https://infosec.space/tags/PrivilegueEscalation" class="mention hashtag" rel="nofollow noopener" target="_blank">#PrivilegueEscalation</a>" through falsefully claiming to be a <a href="https://infosec.space/tags/MSP" class="mention hashtag" rel="nofollow noopener" target="_blank">#MSP</a> / <a href="https://infosec.space/tags/CSP" class="mention hashtag" rel="nofollow noopener" target="_blank">#CSP</a> contracted by the targeted company.</li></ul>Such fundamental <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#ITsec</a> fuckups are reasons alone not to use <a href="https://infosec.space/tags/Azure" class="mention hashtag" rel="nofollow noopener" target="_blank">#Azure</a> or any <a href="https://infosec.space/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#Microsoft</a> products & services at all...<ul><li>I mean, it doesn't require <a href="https://infosec.space/tags/Mitnick" class="mention hashtag" rel="nofollow noopener" target="_blank">#Mitnick</a>-level skills to pull this off, since it doesn't necessitate <a href="https://infosec.space/tags/Lapsus" class="mention hashtag" rel="nofollow noopener" target="_blank">#Lapsus</a>-Style <a href="https://infosec.space/tags/SIMswap" class="mention hashtag" rel="nofollow noopener" target="_blank">#SIMswap</a> or other means to gain access...</li></ul>

Schneier on Security RSSDevice Code PhishingThis isn’t new, but it’s increasingly popular: The technique is known as devic... <a href="https://www.schneier.com/blog/archives/2025/02/device-code-phishing.html" rel="nofollow noopener" translate="no" target="_blank">https://www.schneier.com/blog/archives/2025/02/device-code-phishing.html</a> <a href="https://burn.capital/tags/authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#authentication</a> <a href="https://burn.capital/tags/Uncategorized" class="mention hashtag" rel="nofollow noopener" target="_blank">#Uncategorized</a> <a href="https://burn.capital/tags/authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#authorization</a> <a href="https://burn.capital/tags/phishing" class="mention hashtag" rel="nofollow noopener" target="_blank">#phishing</a> <a href="https://burn.capital/tags/Russia" class="mention hashtag" rel="nofollow noopener" target="_blank">#Russia</a>

Pyrzout :vm:Device Code Phishing – Source: www.schneier.com <a href="https://ciso2ciso.com/device-code-phishing-source-www-schneier-com/" rel="nofollow noopener" translate="no" target="_blank">https://ciso2ciso.com/device-code-phishing-source-www-schneier-com/</a> <a href="https://social.skynetcloud.site/tags/rssfeedpostgeneratorecho" class="mention hashtag" rel="nofollow noopener" target="_blank">#rssfeedpostgeneratorecho</a> <a href="https://social.skynetcloud.site/tags/SchneierOnSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#SchneierOnSecurity</a> <a href="https://social.skynetcloud.site/tags/SchneieronSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#SchneieronSecurity</a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurityNews</a> <a href="https://social.skynetcloud.site/tags/authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#authentication</a> <a href="https://social.skynetcloud.site/tags/authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#authorization</a> <a href="https://social.skynetcloud.site/tags/Uncategorized" class="mention hashtag" rel="nofollow noopener" target="_blank">#Uncategorized</a> <a href="https://social.skynetcloud.site/tags/Phishing" class="mention hashtag" rel="nofollow noopener" target="_blank">#Phishing</a> <a href="https://social.skynetcloud.site/tags/Russia" class="mention hashtag" rel="nofollow noopener" target="_blank">#Russia</a>

Pyrzout :vm:Device Code Phishing <a href="https://www.schneier.com/blog/archives/2025/02/device-code-phishing.html" rel="nofollow noopener" translate="no" target="_blank">https://www.schneier.com/blog/archives/2025/02/device-code-phishing.html</a> <a href="https://social.skynetcloud.site/tags/authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#authentication</a> <a href="https://social.skynetcloud.site/tags/Uncategorized" class="mention hashtag" rel="nofollow noopener" target="_blank">#Uncategorized</a> <a href="https://social.skynetcloud.site/tags/authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#authorization</a> <a href="https://social.skynetcloud.site/tags/phishing" class="mention hashtag" rel="nofollow noopener" target="_blank">#phishing</a> <a href="https://social.skynetcloud.site/tags/Russia" class="mention hashtag" rel="nofollow noopener" target="_blank">#Russia</a>

Recent searches

Search options

Administered by:

Server stats:

#authorization