AppSec Blog: Tag - OAuth

Password Tracking in Malicious iOS Apps

In this article, John Bielich and Khash Kiani introduce OAuth, and demonstrate one type of approach in which a malicious native client application can compromise sensitive end-user data. Earlier this year, Khash posted a paper entitled: "Four Attacks on OAuth - How to Secure Your OAuth Implementation" that introduced a common protocol flow, with specific … Continue reading Password Tracking in Malicious iOS Apps