• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
TechEngage®

TechEngage®

Connecting mankind with technology

  • News
  • Reviews
  • Cryptocurrency
  • How-to
  • Roundups
  • Science
    • Energy
    • Environment
    • Health
    • Space
  • Apps
  • More
    • Opinion
    • Noteworthy
    • Culture
    • Events
    • Deals
    • Startups
      • Startup Submissions
  • Videos
  • Tools
TechEngage » News » Security

Facebook users' information becomes vulnerable, AGAIN!

Avatar Of Areen Zahra Areen Zahra November 15, 2018

facebook user privacy
FacebookTweetPinLinkedInPrintEmail

This year did not go well for Facebook, keeping in mind all the security breaches and profile hack scandals the company went through. Late in May 2018, a security firm, Imperva, found a bug that allowed other websites to access information from Facebook. This was possible only through logged in Facebook accounts. With a sigh of relief, that bug has been fixed!
Initially, in May 2018, Imperva highlighted a vulnerability in chrome that can allow other bad actors to steal private information about Facebook users and their friends. The firm further dug in to find out if there were more bugs or loopholes that could result in data robbery.
Ron Masas, the person working on the bug’s research, found out that Facebook was prone to cross-site request forgery. This made it clear that information from logged in Facebook accounts was accessible to data hackers through queries in the code.
Masas, while researching the Chrome piece,  found out that Facebook’s online search result contains an iframe element which was used for some internal tracking purpose. These made Facebook prone to malicious sites as they could easily get an to access Facebook’s data.

If a Facebook user opens up a malicious site, the site forces them to perform a search that can end up giving some good amount of insight into the user’s preferences. Following the same technique, hackers can also learn or extract data about a user’s friend.

Queries can be used to search if a user has a friend from a specific area or a friend with a specific name. Also, one can know about locations visited by a user or if the user has clicked photos in a certain location or a country. Hackers can also put up queries that can return results that tell whether a user wrote a post with a specific word in it or not. It is also possible to know about a person’s religion through these queries. Watch the video to know how!

A Facebook spokesperson told TechCrunch that this vulnerability had not resulted in a data loss yet and that Facebook awarded Imperva with two separate bug bounty rewards of worth $8,000.

We appreciate this researcher’s report to our bug bounty program. As the underlying behavior is not specific to Facebook, we’ve made recommendations to browser makers and relevant web standards groups to encourage them to take steps to prevent this type of issue from occurring in other web applications

We hope that Facebook conducts a strong analysis to reconsider its security measures. Stay tuned to learn more!

Related Tags: Facebook User privacy

Related Stories

  • Whatsapp Is Reportedly Working On Multi Phone And Tablet Chatting

    WhatsApp is Reportedly Working on Multi Phone and Tablet Chatting

  • Facebook'S Third-Party Reviewers Or Turtles? Scientists Can'T Tell.

    Facebook's third-party reviewers or turtles? Scientists can't tell.

  • Twitter Is A Toxic Place For Women; Amnesty Report

    Twitter is a toxic place for women; Amnesty Report

FacebookTweetPinLinkedInPrintEmail
Avatar Of Areen Zahra

Areen Zahra

Former Technology Writer

IT professional and a passionate writer who enjoys putting my love of technology into words for a general audience.

Reader Interactions

Share Your Thoughts Cancel reply

Please read our comment policy before submitting your comment. Your email address will not be used or publish anywhere. You will only receive comment notifications if you opt to subscribe below.

Primary Sidebar

Become a contributor

We are accepting contributor applications. All applications will be decided in 3 days after applying. To learn more click here.
TechEngage-Apple-News
TechEngage-Google-News

Best smart home apps for efficient control

best chair covers

Best chair covers on Amazon for 2023

Recent Stories

  • A Secret to live a blissful life
  • How to sync Google Drive with OneDrive
  • 5 Best video game consoles to Buy on Amazon in 2023
  • Exploring the Science Behind How a Washing Machine Cleans Your Clothes
  • Android Rooting Guide: Risks and Procedure to Root an Android Device

Footer

Discover

  • About us
  • Newsroom
  • Staff
  • Advertise
  • Send us a tip
  • Startup Submission Questionnaire
  • Brand Kit
  • Contact us

Legal pages

  • Reviews Guarantee
  • Community Guidelines
  • Corrections Policy and Practice
  • Cookies Policy
  • Our Ethics
  • Disclaimer
  • GDPR Compliance
  • Privacy Policy
  • Terms and Conditions

Must reads

  • Best AirPods alternatives on Amazon
  • Best PC monitors for gaming on Amazon
  • Best family board games
  • Best Graphics Cards (GPUs) for gaming
  • Best video doorbells without subscription
  • Best handheld video game consoles
  • Best all-season tires for snow
  • Best mobile Wi-Fi hotspots
  • Best treadmills on Amazon
  • Best AM radios for long-distance reception

Download our apps

TechEngage-app-google-play-store
TechEngage app coming soon on App Store

Copyright © 2023 · All Rights Reserved · TechEngage® is a Project of TechAbout LLC.
TechEngage® is a registered trademark in United Kingdom under Trademark Number UK00003417167 and is ISSN protected under the ISSN 2690-3776 and OCLC Number 1139335774.

Go to mobile version
Share this ArticleLike this article? Email it to a friend!

Email sent!