Just In
-
-
-
-
Don't Miss
-
Veteran Actor YG Mahendran Critiques Caste-Based Films in Tamil Cinema -
RCB In IPL 2024: Sunil Gavaskar Critisizes Star Players, Says "Naam Bade Darshan Chote" -
PAK vs NZ Dream11 1st T20I: Playing 11, Squads, Fantasy Tips & Best Picks -
Raptee Energy Marks A New Era In EV With First Electric Motorcycle Launch -
CRISIL March 2024 Quarter Sees 5.51% Net Profit Drop; Dividend Announced -
UPSC CSE Result 2023 Declared, Check the Full List of Selected Candidates Here -
What Is 'Dry Promotion' Trend? Why Should Employees Be Concerned? -
From Coconut Breaking on Head to Men Dressing as Women: 12 Unique Indian Rituals Explored
New exploit shows two-factor authentication is also vulnerable
KnowBe4's Chief Hacking Officer Kevin Mitmil had recently explained about an exploit that allowed him to easily bypass the two-factor authentication (2FA).
Privacy has always been a major concern among the users while surfing the web. With the rise in numbers of e-commerce portals and countries' own effort for a digital India, the use of various modes of authentication is also quite evident these days. We all know about the various digital wallet companies that use two-factor authentication for data protection.
Although, the two-factor authentication might sound foolproof solution, however, this is not the case. As per security awareness training provider, KnowBe4's Chief Hacking Officer Kevin Mitmil had recently explained about an exploit that allowed him to easily bypass the two-factor authentication (2FA). It is being reported that the hack was demonstrated in a public video that showcased Mitnick convincing a victim to visit a domain that was an imitation to capture their login details along with 2FA authentication code.
Also, by using the exploit, Mitnick was able to use the credential on the actual website. He was also able to capture the session cookie in order to login indefinitely. Further, Mitnick also used time two-factor authentication in order to trick a login and get all the authentication data. CEO of KnowBe4 Stu Sjouwerman quoted on the same stating:
"A white hat hacker friend of Kevin's developed a tool to bypass two-factor authentication using social engineering tactics - and it can be weaponized for any site...Two-factor authentication is intended to be an extra layer of security, but in this instance, we clearly see that you can't rely on it alone to protect your organizations."
It is being reported that the tool called evilginx, was first developed by a white hat hacker Kuba Gretzky and it has been detailed in a post on his website. As the tool was publically demonstrated, Sjouwerman has estimated that hackers might begin to use it in the next few weeks. He has further urged the users and IT managers to toughen up their security protocols in order to prevent any security breaches.
-
99,999 -
1,29,999 -
69,999 -
41,999 -
64,999 -
99,999 -
29,999 -
63,999 -
39,999 -
1,56,900
-
79,900 -
1,39,900 -
1,29,900 -
65,900 -
1,56,900
-
1,30,990 -
76,990 -
16,499 -
30,700 -
12,999
-
3,999 -
2,500 -
3,599 -
8,893 -
13,999 -
32,999 -
9,990 -
12,999 -
25,377 -
23,490
