I've been going through the recent news articles that are making its round on the internet regarding bypass of 2FA using the RSA SecurID tokens. Articles below:-
1. Has RSA addressed these articles yet?
2. The report doesn't clearly state this but the thesis seems to imply that the STDID file based import is what is being exploited. I wanted to understand if the CT-KIP based distribution would also have the same impact?