#nOAuth

Jim Guckin

@jimguckin.bsky.social

2 months ago

Cisco just patched an actively exploited zero-day in Unified Communications and Webex Calling. #NoAuth

If your voice or collab stack runs on Cisco, this isn’t “We’ll get to it.” This is patch now!

thehackernews.com/2026/01/cisc...

#CyberSecurity #InfoSec #ZeroDay #PatchNow

Eric Woodruff

@handle.invalid

9 months ago

A photo taken from a train, near Heidelberg Germany, of a crop field with some brown green grass and a hazy blue sky with a tint of orange from the sunrise. There is a reflection on the window of myself somewhat from inside the train car.

Going right from @wearetroopers.bsky.social in Heidelberg to @fwdcloudsec.org in Denver ✈️ - from one excellent conference to another!

I’m looking forward to speaking Monday @ 2:00pm in track 1 on the dangers of #nOAuth, with some new and tweaked slides and talking points!

#Entra #EntraID

The Daily Tech Feed

@thedailytechfeed.com

9 months ago

Critical nOAuth vulnerability in Microsoft Entra ID allows full account takeover with minimal effort. Organizations must act now to secure their applications. #CyberSecurity #nOAuth #MicrosoftEntraID Link: thedailytechfeed.com/exploiting-n...

ReconBee

@reconbee.bsky.social

9 months ago

nOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps that of the victim read more about nOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps Two Years After Discovery

nOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps Two Years After Discovery reconbee.com/noauth-vulne...

#nOAuth #vulnerability #microsoftentra #SaaS #Apps #cybersecurity #microsoftentra

Eric Woodruff

@handle.invalid

9 months ago

New nOAuth Abuse Alert: Entra Cross-Tenant Saas Apps at Risk Think nOAuth abuse is old news? We wish. Our recent testing shows that nearly 10% of apps in the Microsoft Entra Gallery remain vulnerable.

At @wearetroopers.bsky.social I dropped new research on #nOAuth, an abuse of #EntraID that allows you to spoof users in vulnerable SaaS applications. The attack is still alive and well.

You can read all about it here:

#Entra #M365 #infosec

www.semperis.com/blog/noauth-...

EMPIST

@empist.bsky.social

9 months ago

Thousands of SaaS Apps Could Still Be Susceptible to nOAuth New research from Semperis suggests more than 10,000 SaaS apps could remain vulnerable to a nOAuth attack variant.

🚨 Over 10,000 SaaS apps may still be vulnerable to nOAuth attacks, exploiting misconfigurations in Microsoft Entra ID. Victims remain unaware, and developers must act to secure apps. Microsoft can't fix this—it’s up to proper implementation. #CyberSecurity #nOAuth #SaaS snip.ly/zfyuqo

Thiard News@F4F

@newsen.bsky.social

9 months ago

Semperis Highlights Ongoing Security Threat in Microsoft Entra ID Affecting SaaS Applications New research from Semperis reveals the nOAuth vulnerability in Microsoft Entra ID, posing significant risk for SaaS applications and enterprise customers.

Semperis Highlights Ongoing Security Threat in Microsoft Entra ID Affecting SaaS Applications #USA #Hoboken #Semperis #Entra_ID #nOAuth

2rZiKKbOU3nTafniR2qMMSE0gwZ

@2rzikkbou3ntafnir2qmmse0gwz.activitypub.awakari.com.ap.brid.gy

9 months ago

Thousands of SaaS Apps Could Still Be Susceptible to nOAuth New research suggests more than 10,000 SaaS apps could remain vulnerable to a nOAuth variant despite the basic issue being disclosed in J...

#Application #Security #Identity #& #Access #EntraID #noAuth #SaaS

Origin | Interest | Match

Eric Woodruff

@handle.invalid

9 months ago

A photo taken from an airplane of the. There are small white fluffy clouds scattered below and a slightly hazy blue sky with white wisps above them.

On the way to #TROOPERS25. The short flight is down… just waiting for the long one to Frankfurt.

Looking forward to talking about #nOAuth with #Entra… sadly it’s still a thing 😑

#EntraID #infosec @wearetroopers.bsky.social