Filtered By: Hashtag
Hashtag

Facebook fixes 'peeping tom' webcam bug... After 5 months


Facebook has fixed a security issue that allowed hackers to record video from a victim's computer web camera and post it on their timeline.
 
A report on UK's The Register said Indian security researcher Aditya Gupta discovered the flaw as early as July, but it took Facebook five months to fix it.
 
Gupta, who along with fellow security researcher Subho Halder from XY Security earned $2,500 from Facebook for disclosing the bug, said an attacker exploiting the bug "could trick a user to silently record his webcam video and publish it to his Facebook wall, without the user even knowing about it."
 
The report said the Cross-Site Request Forgery (CSRF) bug stemmed from a failure to apply adequate security controls.
 
Meanwhile, Facebook responded quickly to a flaw in its New Year "Midnight Delivery" messaging service.
 
The service delivers New Year's messages from Facebook users to selected friends at midnight of Dec. 31.
 
But tweaking the URL can potentially allow anyone to see the intended recipients, the contents of message.
 
Security blogger Jack Jenkins noticed the bug, which could expose private messages. — TJD, GMA News