An Interest In:
Web News this Week
- April 1, 2024
- March 31, 2024
- March 30, 2024
- March 29, 2024
- March 28, 2024
- March 27, 2024
- March 26, 2024
Some of Our Sources
- Techcrunch
- TutsPlus - Code
- Six Revisions
- Vandelay Design
- Creative Curio
- Inspiredology
- Naldz Graphics
- Noupe
- Freelance Switch
- Willems Lab
Help Webnuz
Referal links:
Metas Account Center came with a 2FA-defeating bug
Meta’s Accounts Center feature had a bug that let hackers brute force SMS two-factor authentication, allowing them to bypass the additional protection (via TechCrunch). The vulnerability, which Meta says it fixed in December, was reported by Nepalese security researcher Gtm Mänôz, who detailed the exploit in a Medium post earlier this month.
It was a significant find, as Meta seems to be putting more and more focus on its Accounts Center feature, letting you manage settings and security information from it, as well as use it to switch to your other accounts. According to Mänôz, the attack was relatively simple; if you knew the phone number or email address the other person used for two-factor authentication, you could link it to your own...
Original Link: https://www.theverge.com/2023/1/30/23578033/meta-account-center-bug-2-factor-authentication-sms-email
The Verge
The Verge is an ambitious multimedia effort founded in 2011More About this Source Visit The Verge