Even weak hackers can pull off a password reset MitM attack via account registration

At the IEEE Symposium on Security and Privacy 2017, researchers from the College of Management Academic Studies in Israel presented an interesting paper on bad password reset processes, “The Password Reset MitM Attack” (pdf). It explains how a weak attacker could take over accounts by exploiting vulnerabilities in password reset procedures.

Read full news article on Network World

 


Date:

Categorie(s):

Tag(s):