Editor's Choice
Analytical Instrumentation & Environmental Monitoring
Data Acquisition & Telemetry
Electrical Power & Protection
Enclosures, Cabling & Connectors
Fieldbus & Industrial Networking
Flow Measurement & Control
Industrial Computer Hardware
Industrial Wireless
IS & Ex
IT in Manufacturing
Level Measurement & Control
Maintenance, Test & Measurement, Calibration
Mass Measurement
Motion Control & Drives
News
Operator Interfaces, Switches & Relays
PLCs, DCSs & Controllers
Pneumatics & Hydraulics
Pressure Measurement & Control
SAIMC
SCADA/HMI
Sensors & Transducers
Smart Home Automation
System Integration & Control Systems Design
Temperature Measurement
Training & Education
Valves, Actuators & Pump Control


IT in Manufacturing



Print this page printer friendly version

BitDefender offers insights into recently discovered Facebook vulnerability

1 May 2011 IT in Manufacturing

Security provider advises users on how to stay protected against future after Facebook vulnerabilities.

Symantec recently discovered a security vulnerability that affected the way third-party programs, such as games and other applications, accessed user data and information. According to BitDefender, the entire issue is related to OAUTH, the secure authorisation protocol, and the use of some deprecated parameters by different applications which are still not updating from OAUTH to its latest version, OAUTH2.0.

From this vulnerability, third parties, such as advertisers can get hold of access tokens, which open Facebook users’ account information (such as basic information, profiles, pictures) and will sometimes give them the ability to perform different actions in the user’s name.

“At the current time, it is unclear whether there actually was a data breach or not. Symantec discovered a security issue and notified Facebook accordingly,” commented Catalin Cosoi, head of the BitDefender Online Threats Lab. “This could mean that the issue was proactively discovered and Facebook fixed it before anyone lost any data. On the other hand, it could mean that it is a known vulnerability in the underground or unethical world and users’ private data has been leaking for some time now.”

Facebook has solved this issue as soon as possible, but this episode teaches all users two main lessons:

(1) applications should have switched to the new authorisation mechanism as soon as possible, and

(2) If any data was leaked, there is not much to be done now, since it is lost for good.

Although it should not be the case here, information extracted from social media can be easily converted into directed attacks, like phishing, highly social engineered spam messages and possibly even identity theft. Users should pay extra attention in the following months when it comes to all messages received and be very careful when asked to perform different actions, even if the messages/requests come from a trusted source.

“This information can be illicitly used by marketers and advertisers in order to better profile their users and to serve ads based on interests and views. As always, a good way for Facebook users to invalidate their current access tokens is for them to change their passwords,” advised Cosoi.





Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Sustainable energy management
Siemens South Africa IT in Manufacturing
Utilising its innovative ONE approach technology, Siemens provides complete transparency on resource consumption and offers data-driven optimisation recommendations for sustainable energy management.

Read more...
Paving the way for a carbon-neutral future in South Africa
IT in Manufacturing
At ABB Electrification, we believe the infrastructure of the future must do more than support daily operations, it must anticipate them. We are committed to building intelligent systems that connect and optimise infrastructure across sectors.

Read more...
Africa’s hidden AI advantage
IT in Manufacturing
Through my work implementing AI systems across three continents, I’ve become convinced that Africa’s unique context demands urgent AI adoption. Successful implementation requires local expertise to understand resource constraints as design parameters to create the innovations that make technology truly work under real-world conditions.

Read more...
Siemens Xcelerator empowers space-tech pioneer, Skyroot Aerospace
Siemens South Africa IT in Manufacturing
Siemens Digital Industries Software has announced that Skyroot Aerospace, a leading private space launch service company in India, has adopted Polarion software from the Siemens Xcelerator portfolio to digitally transform its software development processes and enhance efficiency as it aims to accelerate access to space for its customers worldwide.

Read more...
Water is running out, is your ESG strategy ready?
IT in Manufacturing
Water is one of the most critical yet undervalued resources in modern business. Water stewardship asks businesses to understand their water footprint across the entire value chain and to engage with others who share the same water resources.

Read more...
Cybersecurity in 2025: Six trends to watch
Rockwell Automation IT in Manufacturing
Rockwell Automation’s 10th State of Smart Manufacturing report finds that cybersecurity risks are a major, ever-present obstacle, and are now the third-largest impediment to growth in the next 12 months.

Read more...
The state of the smart buildings market in 2025
IT in Manufacturing
Smart buildings are entering a transformative phase, driven by sustainability goals, technological innovation and evolving user expectations. According to ABI Research’s latest whitepaper, the sector is undergoing a strategic overhaul across key areas like retrofitting, energy efficiency, data-driven operations and smart campus development.

Read more...
Digital twin for Bavaria’s National Theatre
Siemens South Africa IT in Manufacturing
Siemens and the Bavarian State Opera are digitalising the acoustics in Bavaria’s National Theatre in Munich, Germany. The result is a digital twin that simulates sound effects, orchestral setups and venue configurations in a realistic 3D acoustic model so that musicians, the director and conductors can assess a concert hall’s acoustics even before the first rehearsal.

Read more...
How AI can help solve South Africa’s water crisis
IT in Manufacturing
Climate change, ageing infrastructure, pollution and unequal access are putting intense pressure on the country’s water systems. A powerful question arises: “Can artificial intelligence help us change course?”

Read more...
Backup has evolved, but has your strategy?
IT in Manufacturing
With cyber threats rising and compliance standards tightening, South African organisations are under growing pressure to revisit their data protection strategies. The era of treating backups as a box-ticking exercise is over.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  Hi-Tech Security Solutions
»  Hi-Tech Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd | All Rights Reserved