light bulb

Did You Know?

Community Expert Advisor
Posts: 1,753
Registered: ‎02-02-2012

Facebook flaw allowed hackers to delete posted photos

Charlie Osborne wrote:



A security flaw that allowed hackers to delete any image stored on Facebook has been discovered by Indian researcher Arul Kumar -- and he has been rewarded for his efforts.

The Facebook flaw, explained in length on Kumar's blog, exploits the Facebook Support Dashboard. Considered "critical," the bug works with any browser and any version, but was most successfully exploited through mobile devices.

 Read here.

Posts: 4,886
Topics: 2,630
Kudos: 4,795
Blog Posts: 0
Registered: ‎06-02-2014

Re: Facebook flaw allowed hackers to delete posted photos

The following is a updated article on Facebook Flaws


{Facebook SDK flaw allows unauthorized access to Facebook accounts}


By/ HNS Staff/ Posted on 01 July 2014.


MetaIntell has uncovered a significant security vulnerability in the Facebook SDK (V3.15.0) for both iOS and Android. Dubbed Social Login Session Hijacking, when exploited this vulnerability allows an attacker access to a user’s Facebook account using a session hijacking method that leverages the Facebook Access

Vulnerable iOS and Android apps build on the Facebook SDK and leverage Facebook for user authentication. Once the app has successfully authenticated to Facebook, a local session token is cached and used to authenticate future sessions. The insecure storage of this session token is what places apps using the Facebook SDK for user authentication at risk of session hijacking.




Help Net Security/ Full Read Here/

Community Leader