BOX.com: Multi-factor authentication has been canceled
The multi-factor authentication of Box.com could be bypassed by attackers. The Varonis research team discovered a way to replace MFA with classic one-factor authentication for box accounts. Box.com joins the long list of cloud providers where MFA vulnerabilities were recently uncovered: The Varonis research team discovered a way to replace MFA with classic one-factor authentication for Box accounts, the authentication -Use apps like Google Authenticator. Attackers with stolen credentials could compromise a company's box account and exfiltrate sensitive data without having to use a one-time password. Box.com vulnerability closed in the meantime Security researchers identified this vulnerability in Box on ...