WELCOME TO EHOST.COM.NP

Saturday, August 25, 2018

T-Mobile, AT&T customer account PINs were exposed by website flaws

           Add Comments   

ads space

Apple T-Mobile PIN request page

As the report mentions, once they find the right one, it could allow someone to take the number and then use it to hijack a victim’s SIM card and phone number. Once you have that, it’s easy to hack any service that relies on text messages to send two factor-authentication codes as a primary method or backup, which is what we’ve seen happen to people like @Deray, or owners of a slew of Instagram accounts. That’s some of the reasons why, if possible, it’s better to use a two-factor system that relies on a code generated by an app, sent via push notifications or, even better yet, is tied to a physical key.

For AT&T, a similar vulnerability occurred on one of the pages where customers could file insurance claims via Asurion that asked for a PIN, but allowed unlimited attempts and did not put any limit on the rate. Apple and Asurion told Buzzfeed News that the issues have been fixed now that they’ve been brought to their attention, but that they existed at all shows why it’s important to have multiple layers of account security — vulnerabilities can exist even in places that you wouldn’t expect.

ads space

 

ADS SPACE

0 comments:

Post a Comment

Categories

Article How-to All Posts WordPress Android Web design Blogger Plugins CSS Google JQuery Plugins Programming Reviews Web Hosting Blogger Blogging Blogging Tips Tricks Web Development Facebook Git Internet Make Money Online Social Plugins Tips Tips and Tricks Tools Tutorials Windows WordPress Plugins Blogging Tips and Tricks Freebies GSM Google Analytics HTML How To's JavaScript Plugin Development S.E.O SEO SMS SmartPhone Social Media Tips amp; Tricks Top-Most Updates Webmaster Tools Whatsapp Applications Apps Blogger Basics Documentary Downloads Entertainment Gadgets Games Gmail Google AdSense Guest Post IPhone Make Money Blogging SVN Security Softwares Web Hosting Tips and Tricks Wordpress Tips Wordpress Tips and Tricks hostgator iOS Advertising Networks Advertising Technology Affiliates Antivirus Audience amp; Traffic Biography Blog post Blog post Blogger Blogger Errors Blogger Tips Blogger Tools Blogger Widget Blogosphere Bogger Widgets CSS selectors CSS symbols CSS3 Computer amp; Internet Content Writing Coupon Codes Data amp; Analytics Deleted blog Design DoubleClick for Publishers Email and newsletter marketting Email marketing Excel Tips Excel Tips and Tricks Facebook Tricks Feed Feedburner Feedburner subscribers Font Fun GitHub Giveaways Gmail primary inbox Gmail tabs Google sign-in Guides HTML amp; CSS HTML5 Infographics Inspirational Instagram Internet Marketing Internet Tips amp; Tricks Job Listings Knowledge Life Hacks Lists Make-Money Monetization amp; Conversion Monetize Navigation Online Marketing Other PHP Tutorials Passport Publishing amp; Content Quotes RSS Sidebar Smartphones Social Networking Status Tech Tech Blog Technology Telegram Themes UI / UX User Psychology amp; Research VB.Net Web Tools Web browser Widget Windows Tips Windows-10 ad viewability admin notice blogging tools bluehost cherry-pick clone cors custom scrollbar customizer dismissible notices duplicate post feed title git branch git clone gpg gpg2 hybridauth iPad icon font notice responsive wordpress theme same origin policy scrollbar signed git commit smartsvn theme customizer vcs wordpress theme wordpress themes

Blog Archive

Contact Form

Name

Email *

Message *

Copyright © Sync Media