writeups.xyz / Tal Peleg

Title	Vulnerabilities	Programs	Authors
CrossTalk and Secret Agent: Two Attack Vectors on Okta's Identity Suite	Insecure Storage of Sensitive Information Phishing	Okta	Tal Peleg Nitay Bachrach
Varonis Threat Labs Discovers SQLi and Access Flaws in Zendesk	SQL Injection Logic Flaw	Zendesk	Tal Peleg
Spoofing SaaS Vanity URLs for Social Engineering Attacks	URL Spoofing	Box Zoom Google	Tal Peleg
Mixed Messages: Busting Box’s MFA Methods	OTP Bypass 2FA / MFA Bypass	Box	Tal Peleg
Bypassing Box’s Time-based One-Time Password MFA	OTP Bypass 2FA / MFA Bypass	Box	Tal Peleg

Page 1 of 1