Managing an organization’s attack surface is a complex problem involving asset discovery, vulnerability analysis, and continuous monitoring. There are multiple well-defined solutions to secure the a ...
September 03, 2024
Summary Hello team, I want to report a security issue on the GitLab authentication functionality. The email verification on login provides an additional layer of security despite 2FA not being impleme ...
September 03, 2024
The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. ...
August 22, 2024
The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. ...
August 21, 2024
In the OAuth library for Nim prior to version 0.11, the Authorization Code grant and Implicit grant both rely on the state parameter to prevent cross-site request forgery (CSRF) attacks where a resour ...
August 20, 2024
In the OAuth library for Nim prior to version 0.11, the state values generated by the generateState function do not have sufficient entropy. These can be successfully guessed by an attacker allowing t ...
August 19, 2024
As we move through 2024, the Wallarm Research Team continues to monitor the evolving API vulnerability and threat landscape. Our latest Q2 ThreatStats™ Report reveals critical trends and development ...
August 16, 2024