Aaron Parecki

#security

• Expanding Client Certificates in Firefox 75 - Mozilla Security Blog (blog.mozilla.org)

  Wed, Aug 11, 2021 10:35am -07:00 #security #web #firefox
• Evilginx 2 - Next Generation of Phishing 2FA Tokens (breakdev.org)

  Tue, Jun 29, 2021 11:04am -07:00 #hacking #phishing #2fa #security
• How to securely store passwords in database (www.vaadata.com)

  Mon, Jun 28, 2021 7:29pm -07:00 #security #password
• Bypassing 2FA using OpenID Misconfiguration (youst.in)

  Sun, Jun 27, 2021 3:18pm -07:00 #openid #security
• Owncast https://botsin.space/@owncast

  OktaDev Live has just started streaming on their #owncast server! Check them out at:
  https://live.oktadev.events.

  OAuth Happy Hour

  #okta #security #api #oktadev #oauth

  

  Portland, Oregon • 66°F

  Thu, Jun 10, 2021 11:03pm +00:00 (liked on Thu, Jun 10, 2021 5:05pm -07:00) #oauth #oktadev #api #security #okta #owncast
• Apple says its new logon tech is as easy as passwords but far more secure - CNET (www.cnet.com)

  Thu, Jun 10, 2021 3:08pm -07:00 #apple #security #icloud #passkey #wwdc #wwdc21
• OAuth 2.0 Threat Model Penetration Testing Checklist (www.binarybrotherhood.io)

  Thu, Jun 3, 2021 9:07am -07:00 #oauth #security
• The SSO Wall of Shame | A list of vendors that treat single sign-on as a luxury feature, not a core security requirement. (sso.tax)

  Tue, May 25, 2021 4:50pm -07:00 #sso #openid #security
• Humanity wastes about 500 years per day on CAPTCHAs. It’s time to end this madness (blog.cloudflare.com)

  Mon, May 17, 2021 8:27pm -07:00 #cloudflare #captcha #webauthn #security
• 

  If your company is big enough to roll out a mandatory VPN on personal iOS devices, they are big enough to buy you a work phone https://twitter.com/gabrtv/status/1391951192176021505

  Portland, Oregon • 76°F

  96 likes 18 reposts 6 replies 2 mentions

  Wed, May 12, 2021 6:13pm -07:00 #ios #vpn #security
• Signing HTTP Messages. There’s a new draft in the HTTP working… | by Justin Richer | May, 2021 | Medium (justinsecurity.medium.com)

  Tue, May 4, 2021 2:31pm -07:00 #http #security #oauth
• FAPI – Financial Grade API (fapi.openid.net)

  Wed, Apr 7, 2021 12:11pm -07:00 #openid #fapi #security
• Whistleblower: Ubiquiti Breach “Catastrophic” — Krebs on Security (krebsonsecurity.com)

  Tue, Mar 30, 2021 2:04pm -07:00 #security #unifi #ubiquiti
• Owncast https://botsin.space/@owncast

  OktaDev Live has just started streaming on their #owncast server! Check them out at:
  https://live.oktadev.events.

  OAuth Happy Hour - Live Q&A

  #okta #security #api #oktadev #oauth

  

  Portland, Oregon • 40°F

  Thu, Mar 25, 2021 6:05pm +00:00 (liked on Fri, Mar 26, 2021 8:08am -07:00) #oauth #oktadev #api #security #okta #owncast
• Owncast https://botsin.space/@owncast

  OktaDev Live has just started streaming on their #owncast server! Check them out at:
  https://live.oktadev.events.

  What's New in OAuth 2.1

  #okta #security #api #oktadev #oauth

  

  Portland, Oregon • 54°F

  Tue, Mar 23, 2021 5:10pm +00:00 (liked on Tue, Mar 23, 2021 6:20pm -07:00) #oauth #oktadev #api #security #okta #owncast
• 

  lol the phone system is so broken https://twitter.com/josephfcox/status/1371509983842598918

  Portland, Oregon, USA • 45°F

  8 likes 4 reposts 1 reply

  Mon, Mar 15, 2021 4:15pm -07:00 #sms #security #2fa
• TOFU Attack: Your registration flow is a breach waiting to happen... (paul.reviews)

  Sat, Mar 13, 2021 7:01am -08:00 #security
• trimstray/nginx-admins-handbook: How to improve NGINX performance, security, and other important things. (github.com)

  Thu, Mar 11, 2021 5:24pm -08:00 #nginx #books #tutorial #security
• A CSO’s perspective on the recent Verkada cyber attack | Okta Security (sec.okta.com)

  Thu, Mar 11, 2021 3:38am -08:00 #security #okta #hack
• Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies | by Alex Birsan | Feb, 2021 | Medium (medium.com)

  Wed, Feb 10, 2021 9:51am -08:00 #security