Researchers Bypass SMS-based Multi-Factor Authentication Protecting Box Accounts

Discussion in 'News Aggregator' started by Ravie Lakshmanan, 18 Jan 2022.

  1. Cybersecurity researchers have disclosed details of a now-patched bug in Box's multi-factor authentication (MFA) mechanism that could be abused to completely sidestep SMS-based login verification. "Using this technique, an attacker could use stolen credentials to compromise an organization's Box account and exfiltrate sensitive data without access to the victim's phone," Varonis researchers said

    Continue reading...
     

Share This Page

Loading...