An Interest In:
Web News this Week
- April 13, 2024
- April 12, 2024
- April 11, 2024
- April 10, 2024
- April 9, 2024
- April 8, 2024
- April 7, 2024
Some of Our Sources
- Engadget
- Smashing Magazine
- Six Revisions
- Abduzeedo
- You The Designer
- Inspiredology
- CSS Globe
- Stylized Web
- Wal You
- Codrops
Help Webnuz
Referal links:
October 8, 2011 10:05 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/qgyCD_ap87w/Facebooks-URL-Scanner-Vulnerable-To-Cloaking-Attack
Facebook's URL Scanner Vulnerable To Cloaking Attack
Facebook's recent move to scan for malicious URLs sounded like a pretty good idea, but itwbennett writes with word that it's already been bypassed.'Hatter,' a member of hacking think-tank Blackhat Academy, provided a live demonstration, which involved posting the URL to a JPEG file on a wall. Facebook crawled the URL and added a thumbnail image to the wall post, however, clicking on its corresponding link actually redirected users to YouTube. This happened because the destination page was able to identify Facebook's original request and served a JPEG file. Earlier this week, Facebook signed a partnership with Websense to use the security vendor's cloud-based, real-time Web scanner for malicious URL detection. Blackhat Academy has now provided proof-of-concept code, which, according to its advisory, can be used to bypass it." 
Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/qgyCD_ap87w/Facebooks-URL-Scanner-Vulnerable-To-Cloaking-Attack
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot