Thursday , July 29 2021

Vulnerability on Facebook allowed web sites to access private data – Technology – Technology



According to the report, the tastes or interests of a person could be seen silently.

Facebook

From these sites you can also access private information as if you were a user or your Facebook friends as a specific page.

By:

TECNOSFERA

November 13, 2018, 12:50 p.m.

A vulnerability on Facebook allowed web sites to get private user information as I like and interests, without knowing it. This has been revealed by researchers from the Impervious Cybersecurity company in a report that indicates this From a malicious site, this type of data could be muted silently in another Google Chrome tab.

According to the report, the search results on Facebook were not properly protected against applications falsification attacks. So that the theft of information takes place the user had to go to a malicious site and click anywhere on the site while connected to Facebook. At that time, cybercriminals could open a new pop-up window on the Facebook search page and get personal information.

In this tab, you can perform queries that have "yes" or "no" responses, for example, ask if a user or their friends have a certain page or have taken pictures in a specific place. According to Imperva, you can also access more specific data, like all friends of a person with a certain religion or who live in a certain city.

Ron Masas, a computer security researcher at Imperva, told Techcrunch that "the vulnerability has exposed the interests of the user and his friends, even if their privacy settings were configured so that the interests were only visible to the user's friends." .

The mistake was fixed in May of this year and although so far Facebook has not given an official statement, the specialized media The Verge received a response from the social network in which it states that there are no known cases of possible theft of information on account of this vulnerability.

"We appreciate the report of this researcher on our rewards program, we run the problem in our search page and we have not seen any abuse." Since the underlying behavior is not specific to Facebook, we made recommendations for manufacturers and manufacturers of the browser. of the relevant web standards for animals to take measures to prevent these types of problems from occurring in other web applications, "said the company.

TECNOSFERA

Keep downloading
to find more content






You got it content limit of the month

Enjoy content from DIGITAL TIME unlimited Subscribe now!

* COP $ 900 / month during the first two months

We know you want to be always informed.

Create an account and you can enjoy:

  • Access to newsletters with the best news today.
  • Comment the news you are interested in
  • Save your favorite articles

Create an account and you can Enjoy our content from any device.


Source link