Skip to main content

Facebook has fixed a serious security bug

Facebook has fixed a serious security bug that could have been exploited by hackers to delete any video shared by anyone on their wall.


A new bug was discovered in the Facebook platform by the security researcher Dan Melamed, the flaw could be exploited to delete any video shared by anyone on their wall.
Dan Melamed explained that a similar issue was discovered in June 2016 by the Indian security researcher Pranav Hivarekar who demonstrated that was able to delete any video by exploiting a security issue that exits in the recently introduced video comment feature.
The new but discovered by Melamed allowed him to delete any video on Facebook shared by anyone without having any permission or authentication. The expert also discovered that was possible to disable commenting on the video of your choice.
“Back in June of last year I discovered a critical vulnerability that allows me to remotely delete any video on Facebook. In addition, I also had the ability to disable commenting on any video. This allows a bad actor the ability to delete videos on Facebook without permission or authentication.” states the blog post published by Melamed.
The expert detailed the steps to exploit the vulnerability. He first created a public event on the Facebook page and uploaded a video on the Discussion part of the event.
The expert analyzed a POST request while uploading a video using the Fiddler debugging proxy and noticed the presence of a Video ID that could be manipulated. Melamed discovered that was possible to replace the Video ID value of the video he uploaded with Video ID value of any other video, in turn, the platform responded with a server error (i.e. “This content is no longer available,“).
Despite the error message the new video was successfully posted and displayed on the user’s wall.
Once posted the video, Melamed deleted the event post and eventually deleted the attached video, this operation triggered the removal of the video from Facebook and the wall of the victim.
“You will also notice in the drop down section that there is the option to “Turn off commenting.” This allows you to disable commenting on the video of your choice,” Melamed writes.

Popular posts from this blog

TOP TEN POPULATED CITIES IN THE WORLD

Read more

The source code for a new banking Trojan

The source code for a new banking Trojan dubbed Nuclear Bot was leaked online, experts speculate a rapid diffusion of the threat in the wild . The source code for a new banking Trojan, dubbed Nuclear Bot, is available for sale in the cyber criminal   underground.The Nuclear Bot banking Trojan first appeared in the cybercrime forums in early December when it was offered for $2,500. The malicious code implements features commonly seen in banking Trojans, it is able to inject code in Mozilla Firefox, Internet Explorer and Google Chrome browsers and steal sentitive data provided by the users. “In early December 2016, IBM X-Force researchers noticed the emergence of a new banking malware advertised for sale in a few underground boards.” reads a blogspot published by IBM researchers who are following the evolution of the threat. “The malware’s vendor, who went by the online moniker Gosya, was a Russian-speaking member who introduced himself as the developer of Nu...
Read more

TAMILNADU UNIVERSITY LIST

State Government Universities Anna University Annamalai University Alagappa University Bharathidasan University Bharathiar University Madurai Kamaraj University Manonmaniam Sundaranar University Mother Teresa Women's University Periyar University Tamil Nadu Agricultural University Tamil Nadu Dr. Ambedkar Law University Tamil Nadu Dr. M.G.R. Medical University Tamil Nadu Open University Tamil Nadu Physical Education and Sports University Tamil Nadu Teachers Education University Tamil Nadu Veterinary and Animal Sciences University Tamilnadu Horticulture University Tamil University Tamil Virtual University Thiruvalluvar University University of Madras Central Government University Central University of Tamil Nadu Gandhigram Rural University Private Deemed Universities Avinashilingam University for Women B S Abdur Rahman University Bharath University Chettinad University Dr. MGR Research Institute University...
Read more