Pusula

Configure On-Behalf-Of flow (OBO flow) in Azure API Management

One of my customers asked me about the following topic. We are currently using Azure API Management (APIM) to publish REST APIs. Each published API has authentication and authorization configured, but ...
Bleeping Computer

New downgrade attack can bypass FIDO auth in Microsoft Entra ID

Security researchers have created a new FIDO downgrade attack against Microsoft Entra ID that tricks users into authenticating with weaker login methods, making them susceptible to phishing and ...