Facebook Confirmed Security Breach on Friday By Java 0day

Facebook Confirmed Security Breach on Friday By Java 0day. Facebook is one of leading social media with more than 1 billion members. According to Facebook blog, "We have found no evidence that Facebook user data was compromised.". Hacker use malware to get excess of Facebook developers systems.
it is also confirmed that Facebook teams up with FBI to probe 'Malware attack'.

According to Facebook Security Notes

"There are a few important points that people on Facebook should understand about this attack:

- Foremost, we have found no evidence that Facebook user data was compromised. 
- We will continue to work with law enforcement and the other organizations and entities affected by this attack. It is in everyone’s interests for our industry to work together to prevent attacks such as these in the future."

Hackers use java zero-day to bypass sandbox to install malware.
According to Facebook "After analyzing the compromised website where the attack originated, we found it was using a "zero-day" (previously unseen) exploit to bypass the Java sandbox (built-in protections) to install the malware. We immediately reported the exploit to Oracle, and they confirmed our findings and provided a patch on February 1, 2013, that addresses this vulnerability."

Oracle Corporation the owner of Java, has since issued a security patch that it says has fixed the problem. In its post, Facebook said it received the Java fix two weeks ago.

Facebook never mentioned the word “hack” in describing the breach. That, no doubt, was by design because hacking is a good thing in Zuckerberg’s vernacular.

One thing prove again that Hackers are no easy to stop. Their is nothing like 100% security. Its just matter of time.

Categories: ,


Post a Comment

Related Posts Plugin for WordPress, Blogger...