Get a Pentest and security assessment of your IT network.

Cyber Security

A $50,000 Bug Could’ve Allowed Hackers Access Any Microsoft Account

Microsoft has awarded an independent security researcher $50,000 as part of its bug bounty program for reporting a flaw that allowed a malicious actor to hijack users’ accounts without their knowledge. The vulnerability aims to brute-force the seven-digit security code that’s sent to a user’s email address or mobile number to corroborate his (or her) identity before resetting the password in order to recover access to the account. Microsoft addressed the issue in November 2020, before details of the flaw came to light on Tuesday.

Source: https://thehackernews.com/2021/03/a-50000-bug-couldve-allowed-hackers.html

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation