Just In
- 45 min ago Poco C61 Goes on Sale in India at 12 noon Today via Flipkart: Check Price, Specs, Offers
- 15 hrs ago Poco F6 Leaks Surface: Snapdragon 8s Gen 3, 50MP Sony Sensor, OLED Display, & More – Check Price, Full Specs
- 16 hrs ago Samsung’s One UI 6.1 Update Brings Galaxy AI to More Devices: Galaxy S23 Series, Z Fold5, Z Flip5 & More
- 16 hrs ago Infinix Note 40 Pro 5G Series to Introduce Fast ‘MagCharge’ Wireless Charging at a Never Before-Seen Price
Don't Miss
- News Despite India's Objection, US Reiterates Remarks On Arvind Kejriwal Arrest, Congress' Bank Accounts Freezing
- Finance Stock Market Live Updates: Nifty 50 Wants To End The March Series And FY24 Strongly
- Movies Tillu Square Sequel: Siddhu Jonnalagadda Confirms A SHOCKING Climax; Exciting Female Cameo & Lead To A Sequel
- Sports Madrid Spain Masters 2024: PV Sindhu Eases Into Second Round; Kidambi Srikanth Bows Out Early
- Lifestyle Summer Fashion: 7 Trendy Office Outfit Ideas To Beat The Heat In Style
- Automobiles Citroen Basalt SUV Revealed In India – Launch Details & More
- Education IGNOU June TEE 2024 registration schedule out; Check out for more details
- Travel Explore Tamil Nadu's Diverse Wedding Venues
Uber's security flaw could allow hackers to gain access to user accounts
Uber has not warranted an immediate action or a fix as such.
Uber, the popular ride-hailing app has been the talk of the town for several reasons be it good or bad. While the cab service provider has been trying to balance and maintain its image in the society, now a new report has appeared online stating that Uber has ignored a security flaw in its system. Tech website ZDNet has reported the case and has stated that Uber has missed detecting a security flaw that could allow an attacker to hack into user accounts by bypassing the system's two-factor authentication feature. The flaw was reportedly discovered by a New Delhi-based security researcher.
"Two-factor authentication is a vital part of protecting online accounts that adds a second layer of security on top of your username and password - which can be stolen - by sending a code by text message to your phone which only you would have access to," the publication has said.
While Uber has already placed two-factor authentication on its systems since 2015, "That two-factor code can be bypassed, making the second layer of security protection effectively useless," security researcher Karan Saini was quoted as saying by ZDNet.
After discovering the flaw he had filed a bug report with HackerOne, which administers Uber's bug bounty, but it was in vain. Uber rejected his report stating it as "informative," which further means it contains "useful information". The company has not warranted an immediate action or a fix as such.
Further Uber has reportedly said the security bug "is not a particularly severe" issue. "This is likely an expected behavior," Rob Fletcher, Security Engineering Manager at Uber has said. Uber's spokesperson Melanie Ensign has also issued a statement saying the bug "is not a bypass," and is "likely caused by the security team's ongoing testing to evaluate and refine the effectiveness of different techniques" to secure accounts.
As for the flaw, the security bug basically works it way around the system by exploiting a weakness in how the app authenticates a user when they log in to the platform. By doing so the bug lets the user log in to an account and easily defeat the two-factor prompt, without entering the correct code.
However, Saini is quite concerned and has stated that the bug can be found quite easily and that people with malicious intent could misuse it.
-
99,999
-
1,29,999
-
69,999
-
41,999
-
64,999
-
99,999
-
29,999
-
63,999
-
39,999
-
1,56,900
-
1,39,900
-
1,29,900
-
79,900
-
65,900
-
12,999
-
96,949
-
16,499
-
38,999
-
49,999
-
30,700
-
36,999
-
38,999
-
1,17,840
-
35,000
-
23,960
-
82,510
-
11,999
-
25,999
-
26,999
-
31,999