Facebook has recently addressed an information disclosure vulnerability discovered by the security researcher Mohamed Baset that exposed page administrator.
The flaw is a “logical error” that he discovered after receiving an invitation to like a Facebook page on which he had liked a post. “One day I liked one of the posts of a specific page but I didn’t liked or followed the page itself after a few days I got an email notification from facebook regarding an invitation to like the page that I did already liked one of its posts, I was amazed by the feature but i realized that this is a feature to target non-fans and I was wondering what could go wrong since this is a new feature?” states the blog post published by the expert.Read more
Microsoft Corp’s secret internal database for tracking bugs in its own software was broken into by a highly sophisticated hacking group more than four years ago, according to five former employees, in only the second known breach of such a corporate database.
The company did not disclose the extent of the attack to the public or its customers after its discovery in 2013, but the five former employees described it in separate interviews. Microsoft declined to discuss the incident. The database contained descriptions of critical and unfixed vulnerabilities in some of the most widely used software in the world, including the Windows operating system.Read more