Tag: Google OAuth
Cybersecurity Threat Advisory: Google OAuth MultiLogin exploit
Cybersecurity Threat Advisory: Google OAuth MultiLogin exploit
In October of 2023, an exploit was revealed by the threat actor PRISMA. This exploit generated persistent Google cookies through token manipulation. Now, attackers are exploiting a Google OAuth endpoint known as “MultiLogin” to restore expired authentication cookies. This allows...
Cybersecurity Threat Advisory: Google OAuth vulnerability
Cybersecurity Threat Advisory: Google OAuth vulnerability
In this Cybersecurity Threat Advisory, we’re looking at a critical Google OAuth vulnerability that allows ex-employees to maintain access to applications such as Slack and Zoom. After off boarding, attackers can achieve access by creating non-Gmail accounts using corporate email...