5 Best Practices To Secure Single Sign-On Systems
CSO Online, July 14th, 2020
July 26, 2020,
Volume 268, Issue 4

Ax Sharma writes in CSO Online, "The recent 'Sign in with Apple' vulnerability earned a researcher $100,000 as a part of Apple's bug bounty program. The flaw itself arose from an OAuth-style implementation that did not properly validate JSON Web Token (JWT) authentication between requests. This would have allowed a malicious actor to 'Sign in with Apple' using anyone's Apple ID..."

Read More ...


Other articles in the IT News - Security section of Volume 268, Issue 4:

See all archived articles in the IT News - Security section.