Security Boulevard

Your API Has Authorization Bugs. Hadrian Finds Them.

Authorization vulnerabilities are the most common critical finding in our API penetration tests. We find them on nearly every ...
Dark Reading

When Good Tokens Go Bad

Tokens are an identity's crown jewel for digital authentication and authorization. Whether they are human or machine, and instantiated as API tokens, OAuth credentials, session tokens, or ephemeral ...
Security Boulevard

The Trivy Compromise: The Fallacy of Secrets Management and the Case for Workload Identity

The Trivy incident exposed a credential architecture failure, not just a supply chain one. Here’s the case for workload ...
Threat Post

Attacker Breach ‘Dozens’ of GitHub Repos Using Stolen OAuth Tokens

GitHub shared the timeline of breaches in April 2022, this timeline encompasses the information related to when a threat actor gained access and stole private repositories belonging to dozens of ...
Business Wire

VeriSign Licenses Mobile Tokens and Mobile Authentication Services from Diversinet

As a leading mobile authentication service provider, Diversinet provides its customers with cost effective, mobile-optimized strong authentication products and services that reduce identity theft and ...
Infosecurity-magazine.com

Comment: Two-factor Authentication – World of the Token Necklace

Security breaches are on the up – we all know that – and they are set to get worse. In order to interact with suppliers online, organizations will be expected to have stronger authentication, which is ...