In this Help Net Security video, Colin Constable, CTO at Atsign, explains why your identity provider (IdP) has become the kill chain in cyberattacks. Attackers steal session cookies, tokens, or consent grants you’ve already issued and walk in behind you. Constable breaks down how passwords, session cookies, and OAuth grants all rely on shared secrets between browser and server. Even with TLS encryption, intermediaries like CDNs, load balancers, and WAFs can see these credentials in … More →
The post What happens when your identity provider becomes the kill chain appeared first on Help Net Security.