light bulb

Did You Know?



Reply
Highlighted
Community Expert Advisor
Posts: 1,743
Registered: ‎02-02-2012

Facebook flaw allowed hackers to delete posted photos


Charlie Osborne wrote:

 

 

A security flaw that allowed hackers to delete any image stored on Facebook has been discovered by Indian researcher Arul Kumar -- and he has been rewarded for his efforts.

The Facebook flaw, explained in length on Kumar's blog, exploits the Facebook Support Dashboard. Considered "critical," the bug works with any browser and any version, but was most successfully exploited through mobile devices.


 Read here.

__________________



"Simplicity is the ultimate form of sophistication." - Leonardo da Vinci


 


 



 

Posts: 3,905
Topics: 2,284
Kudos: 3,142
Blog Posts: 0
Registered: ‎06-02-2014

Re: Facebook flaw allowed hackers to delete posted photos

The following is a updated article on Facebook Flaws

 

{Facebook SDK flaw allows unauthorized access to Facebook accounts}

 

By/ HNS Staff/ Posted on 01 July 2014.

 

MetaIntell has uncovered a significant security vulnerability in the Facebook SDK (V3.15.0) for both iOS and Android. Dubbed Social Login Session Hijacking, when exploited this vulnerability allows an attacker access to a user’s Facebook account using a session hijacking method that leverages the Facebook Access

Vulnerable iOS and Android apps build on the Facebook SDK and leverage Facebook for user authentication. Once the app has successfully authenticated to Facebook, a local session token is cached and used to authenticate future sessions. The insecure storage of this session token is what places apps using the Facebook SDK for user authentication at risk of session hijacking.

 

facebook3.jpg

 

Help Net Security/ Full Read Here/ http://www.net-security.org/secworld.php?id=17074

Community Leader