OAuth Device Code Phishing: Azure vs. Google Compared

Azure can yield very powerful tokens while Google limits scopes, reducing the blast radius. Register for Huntress Labs' Live Hack to see live Microsoft 365 attack demos, explore defensive tactics, and ...
TechCrunch

Google Brings OAuth 2.0 Support To Gmail And Google Talk To Make Third-Party Apps More Secure

Virtually all of Google’s APIs currently support OAuth 2.0, a framework for allowing third-party apps limited access to your data from other services, as their standard authentication mechanism.
ZDNet

Google updates OAuth incremental authorization

Google has simplified the OAuth authorization process for users who give a third-party app access to Google apps such as Docs and Drive. The update, though minor, makes it possible for users to ...
Macworld

Google adds OAuth support to Google Apps

Joining a growing number of enterprise and consumer-facing Web services, Google has added support in Google Apps for the OAuth authorization profile, the company announced Monday. OAuth was chosen ...
PC World

Google Docs phishing attack underscores OAuth security risks

Google has stopped Wednesday’s clever email phishing scheme, but the attack may very well make a comeback. One security researcher has already managed to replicate it, even as Google is trying to ...
Hosted on MSN

Google’s OAuth flaw is potentially exposing millions of accounts

Researchers have discovered a flaw in Google’s OAuth system that could allow attackers to access potentially sensitive data from former employee accounts at defunct startups. Google’s OAuth is the ...
TechSpot

Google OAuth secrets exposed as account-hijacking MultiLogin vulnerability discovered

Facepalm: OAuth is an open standard designed to share account information with third-party services, providing users with a simple way to access apps and websites. Google, one of the companies ...