Network Security Notes: Attackers trick Facebook users into exposing secret security codes
Network Security Notes: Attackers trick Facebook users into exposing secret security codes
This post regarding network security, the Internet network security relevant to Facebook users, we should be aware of this problem...
Attackers trick Facebook users into exposing secret security codes
New social engineering attacks are tricking Facebook users into exposing anti-CSRF tokens associated with their sessions. These security codes allow attackers to make unauthorized requests through the victim's browser.
Cross-site request forgery (CSRF) is an attack technique that abuses the trust relationship between websites and authenticated users. Because of the way the Web works, a page can theoretically force a visitor's browser to issue a request to a third-party site where the user is authenticated, thus piggybacking on their active session.
In order to prevent this from happening, websites embed unique authorization codes known as anti-CSRF tokens into forms. Since these are not available to attackers, rogue requests can no longer be triggered successfully.
However, security researchers from Symantec have detected a new type of Facebook attack in which victims are tricked into handing over such tokens manually by going through a fake verification process....
Read more at...Attackers trick Facebook users into exposing secret security codes
Other sites you may want to see:
WWE: http://visa-wwe.blogspot.com/
The Kingdom of Wonder: http://welcome2cambodia.blogspot.com/
Daily Blogging: http://visablogging.blogspot.com/
Love Sharing: http://visa-love.blogspot.com/
NetworkSecurity: http://networksecuritynotes.blogspot.com/
About Insurance:http://visa-insurance.blogspot.com
All about Love: http://visa-love.blogspot.com/
Learning English Online: http://visa-elb.blogspot.com/
Discovery Internet: http://visa-isp.blogspot.com/ Read more...