Security Boulevard

Surge of OAuth Device Code Phishing Attacks Targets M365 Accounts

Financially motivated and nation-state threat groups are behind a surge in the use of device code phishing attacks that abuse Microsoft's legitimate OAuth 2.0 device authorization grant flow to trick ...
Tidbits

Reacting to Unsolicited Two-Factor Authentication Codes

I have long encouraged the use of two-factor authentication (2FA) or two-step verification (2SV) with online accounts whenever possible (for more about the difference, see “Two-Factor Authentication, ...
Security Boulevard

Building Secure User Portals for Content-Heavy SaaS Applications

Learn how to build secure user portals for content-heavy SaaS using passwordless authentication, RBAC, session security, and CDN protection.
Forbes

Gmail Security Alert: Google To Ditch SMS Codes For Billions Of Users

Update, Feb. 26, 2025: This story, originally published Feb. 23, now includes additional commentary regarding the potential security implications of the decision to deprecate SMS from the Gmail ...
Android Authority

What is two-factor authentication and why should you use it?

From banking to email, a lot of our professional and private lives now revolve around digital accounts on the internet. However, securing these accounts effectively isn’t as easy as setting a strong ...