Welcome to WebmasterWorld Guest from 54.226.25.231

Forum Moderators: httpwebwitch & not2easy

Message Too Old, No Replies

Facebook Says It Found No Evidence Of User Data Hacked

     

engine

6:07 pm on Feb 16, 2013 (gmt 0)

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month



After analyzing the compromised website where the attack originated, we found it was using a "zero-day" (previously unseen) exploit to bypass the Java sandbox (built-in protections) to install the malware. We immediately reported the exploit to Oracle, and they confirmed our findings and provided a patch on February 1, 2013, that addresses this vulnerability.

Facebook was not alone in this attack. It is clear that others were attacked and infiltrated recently as well. As one of the first companies to discover this malware, we immediately took steps to start sharing details about the infiltration with the other companies and entities that were affected. We plan to continue collaborating on this incident through an informal working group and other means.

There are a few important points that people on Facebook should understand about this attack:

- Foremost, we have found no evidence that Facebook user data was compromised.

- We will continue to work with law enforcement and the other organizations and entities affected by this attack. It is in everyone’s interests for our industry to work together to prevent attacks such as these in the future.

Facebook Says It Found No Evidence Of User Data Hacked [facebook.com]

Sgt_Kickaxe

4:30 am on Feb 17, 2013 (gmt 0)

WebmasterWorld Senior Member sgt_kickaxe is a WebmasterWorld Top Contributor of All Time 5+ Year Member



It looks like a "zero day" Java exploit is being blamed so Java's rep takes another beating and by sophisticated they mean they didn't target Facebook directly, they targeted employee laptops and used those to gain access instead.

A company is only as strong as the weakest link in their chain when it comes to hacking.
 

Featured Threads

Hot Threads This Week

Hot Threads This Month