There’s no way the Acunetix Facebook iPad competition was going to fly under the radar. As soon as August was out we immediately began receiving messages asking who the competition winner was. Well, the security world is a busy one and we’ve cheekily decided to leave you toasting for a while longer just to raise […]
One lucky Acunetix Facebook follower will be selected at random to win an iPad 2!
Facebook rates as the second most popular website on the internet with 400 million active users. When such a website has common web application security flaws, they are going to be abused for one’s gain. When we came across an obvious cross-site scripting vulnerability, we decided to show that an attacker could do that. The […]
While not particularly new anymore, online social networking is still an exciting medium. Compulsively, I check my Facebook every day, make several posts on Twitter and contribute what I can to LinkedIn and I know I’m not alone with these things. Well, now unsurprisingly a study has found that “social network users [are] more vulnerable […]
Most social networking sites have privacy options which allow users to share photo albums with selected people or groups. Such features encourage end users to upload possibly compromising photos, for example photos of last night’s party. The idea is that it is acceptable to share certain photos with your friends, but not with your future […]
Cross Site Scripting seems to be the word of the past few days with high profile sites getting featured on the technology news sites. ZDNet reported how Facebook just fixed four XSS security flaws affecting their developer’s page, the iPhone login page, the new users registrations page and a Facebook applications page. All of these […]
A worm abusing Facebook‘s messaging system is making rounds between friends. It consists of an executable worm known as Koobface that runs on the victim’s computer and searches for Facebook cookies on his or her computer. It will then use these cookies to hijack an authenticated session and send a message to all of the […]