Source |
F-Secure |
Identifiant |
256318 |
Date de publication |
2016-11-17 14:27:13 (vue: 2016-11-17 14:27:13) |
Titre |
Yahoo! Voice Call 2FA Fail |
Texte |
Netflix recently fixed an account takeover vulnerability involving automated phone calls and caller ID spoofing. The issue? An attacker could use Netflix’s “forgot email/password” feature to reset an account’s password by directing the reset code to a voice call. In order to force the code to voice mail, the attacker would need to call the […] |
Envoyé |
Oui |
Condensat |
“forgot 2fa account account’s attacker automated call caller calls code could directing email/password” fail feature fixed force involving issue mail need netflix netflix’s order password phone recently reset spoofing takeover use voice vulnerability would yahoo |
Tags |
|
Stories |
Yahoo
|
Notes |
|
Move |
|