Excellent work up of a facebook vulnerability
The inj3ct0r team did a real good job with this write up, http://inj3ct0r.com/exploits/11638 In the next few days I will pull a few quotes out of it and try to expand a little more on whats going on....
View ArticleSomething is a miss with Java Script!
Something strange is going around the facebooks in the last couple days, I noticed a few people posting this ‘like’ but did not pay much attention to it....
View ArticleSome more stuff with facebook
A little older post from isc.sans.edu about more ‘like’ stuff at facebook. http://isc.sans.edu/diary.html?storyid=9556 Not exactly the same as what I previously posted, but it’s something else to read....
View ArticleOne more facebook thing
I have talked about creating fake facebook profiles to gather information from people. But I saw a couple things in the last two weeks that I thought was neat....
View ArticleHow much is too much with facebook?
Interesting note, applications can permit access to your ‘personal’ information on facebook. Not only your information directly, but if one of your friends has the application installed, it will have...
View Articlefacebook session hijacking
I love it when people do all of the work for you. http://codebutler.github.com/firesheep/ Firesheep is a FireFox plugin to hijack FB session, it looks really good. There is a slide show here...
View ArticleThe evolution of facebook click jacking
How much further can click jacking in facebook go? Right now the main ones that I have seen are working to either gather information (or just a prof of concept) and try to use a browser vulnerability...
View ArticleFacebook Forensics
Yay for forensics. http://www.wired.com/threatlevel/2012/03/facebook-ownership-forensics/ Faking forensic data seems simple from the outside but when you really get to the nitty gritty it is not the...
View Article
