Multi-Factor Authentication Bypass Led to Box Account Takeover
A vulnerability in Box's implementation of multi-factor authentication (MFA) allowed attackers to take over accounts without having access to the victim’s phone, according to new research from Varonis.