Mandiant details how ShinyHunters abuse SSO to steal cloud data

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) ...
IEEE

AugSSO: Secure Threshold Single-Sign-On Authentication With Popular Password Collection

Abstract: Single-sign-on authentication is widely deployed in mobile systems, which allows an identity server to authenticate a mobile user and issue her/him with a token, such that the user can ...