The BACKRONYM MySQL Vulnerability
> Duo Security’s Security Research, Adam Goodman, found a serious vulnerability known as BACKRONYM, affecting Oracle’s popular MySQL database software.
Adam is Principal Security Architect at Duo Security, where he is responsible for leading Duo's security engineering practice. He has spent nearly a decade building secure systems, protocols, and culture (and occasionally veering into security research) at a variety of start-ups.
> Duo Security’s Security Research, Adam Goodman, found a serious vulnerability known as BACKRONYM, affecting Oracle’s popular MySQL database software.
Earlier this year, we wrote about how any Google Application Specific Password (ASP) could be used to bypass 2-Step Verification. Although Google issued a fix to prevent account compromise, your ASPs can still be used to do almost anything else with your Google account.
Learn how attackers bypass Google's 2-step verification, reset users' master passwords & gain full account control by capturing users' app-specific passwords.