Microsoft Fixes NoAuth Flaws, Prevents Account Takeover
Microsoft has admitted that a vulnerability has been discovered in its Azure Active Directory (AD) Open Authorization (OAuth) process which facilitates hackers a complete account takeover. Researchers from Descope, a California-based identity and access management service, have reported the vulnerability and named it ‘NoAuth.’ During April 2023, Descope’s Chief Security Officer, Omer Cohen, described NoAuth […]
