Skype disables password reset after security flaw exposed - kingstonobleas

Microsoft has hors de combat the option for users to reset their Skype passwords later on security experts uncovered a serious flaw in the software that allowed anyone WHO knows your email address to taxi your Skype account.

The vulnerability allowed people to sign up to Skype with email addresses already busy aside others and and then force password resets for accounts associated with that address in order to gain access to your answer for. Basically, anyone who knew your electronic mail destination could sign-language upwardly for a parvenue Skype account with it and and then readjust the countersign for your current account, thus hacking in.

The work primary appeared on several Russian forums, and has been actively exploited since, Costin Raiu, a precedential security researcher at Kaspersky Lab, same in a blog post. To protect against this vulnerability, Raiu advises that users change the email address associated with their Skype write u to a newfangled, never-earlier-secondhand address.

Rik Ferguson, theater director of certificate research & communicating at Trend Little, explainedhow easy it was to hack into someone's Skype account: "In heart and soul the procedure is so simple it could be carried out by even the most inexperienced of information processing system users. […]This would put away the victim out of their Skype account and allow the cyberpunk to receive and answer to all messages destined for that dupe until further remark. I tested the exposure and the full cognitive operation took only a matter of minutes."

Skype likewise said in a statement that it is aware of the new security department vulnerability issue. "As a precautionary step we have temporarily disabled word reset equally we continue to investigate the issue further. We rationalize for the inconvenience but user experience and base hit is our first priority," the statement said.

Take down: When you purchase something after clicking links in our articles, we may pull in a small commission. Read our associate link policy for more details.

• Security
• Hacking
• Passwords
• Videoconferencing

Source: https://www.pcworld.com/article/455642/skype-disables-password-reset-after-security-flaw-exposed.html

Posted by: kingstonobleas.blogspot.com

Share this post