AWS Console and MFA Requirements
AWS customers will be required to use MFA to log into their AWS Management Console starting mid-2024 in a move designed to strengthen the security posture of AWS. The decision…
Cisco Duo – Risk Based Authentication Enhances ZEROTRUST
MFA requirement is an important criterion for implementing zero trust that blocks unauthorized access. MFA forces trusted employees to jump through hoops with one-time passwords and passcodes before they can…
Meta Pays Bug Bounty for an MFA Bug
Meta has paid a bug bounty to a researcher for disclosing the details of a two-factor authentication vulnerability for confirming a phone number, and the email address did not have…
Fantasy Premier League Introduces MFA From 2022/23 Season
The English Premier League has introduced MFA controls to its official Fantasy Premier League game offering football fans the option to secure their accounts. From 2022/23 season 2FA will have…
RubyGems to enable MFA for its repositories
RubyGems enabled multi-factor authentication (MFA) for some of its largest publishers. The package manager has started alerting the maintainers of gems with more than 165 million downloads via the RubyGems…
GitHub Plans for MFA mandatory by 2023 yearend
GitHub plans to introduce MFA as a mandatory requirement for any user who contributes code on the platform by the end of 2023. The platform owned by Microsoft has a…
Box MFA bypass could lead to Account takeover
Box has patched a flaw in its SMS-based two-factor authentication (MFA), just weeks after its temporary one-time password (TOTP)-based MFA was found to have vulnerabilities too. Once known, the vulnerability…
BOX Authentication Bypass
Researchers have helped fix an issue with Box that could have been exploited to bypass MFA for accounts that relied on authenticator apps such as Google Authenticator. The popular cloud…