WeLiveSecurity

Facebook: No evidence attackers used stolen access tokens on third-party sites

Facebook has announced that it found no evidence that attackers had used stolen account access tokens on other websites or apps that enable users to access their accounts using Facebook Login. This ...
glamsham.com

Hackers stole customer access tokens from Okta’s support unit, admits firm

Identity and access company Okta has identified “adversarial activity” that leveraged access to a stolen credential to access Okta’s support case management system. The threat actor was able to view ...
Threat Post

Leaky Access Tokens Exposed Amazon Photos of Users

Hackers with Amazon users’ authentication tokens could’ve stolen or encrypted personal photos and documents. The Amazon Photos app for Android insufficiently protected user access tokens, according to ...
Infosecurity-magazine.com

Stolen Access Tokens Lead to New Internet Archive Breach

Hours after the Internet Archive was reportedly back on its feet following a wave of cyber-attacks, it seems that the world’s largest digital library is in hot water again. On October 20, several ...
InfoWorld

Sensitive access tokens and keys found in hundreds of Android apps

Many developers still embed sensitive access tokens and API keys into their mobile applications, putting data and other assets stored on various third-party services at risk. A new study performed by ...