A police statement said that a vehicle was hit by a blast in the Bijapur district of Chhattisgarh
asia1 hour ago
After Facebook admitted that hackers broke into nearly 50 million users' accounts by stealing their "access tokens" or digital keys, cyber experts on Saturday warned over 2.3 billion users to log out and log back into Facebook, or any of third-party apps that use Facebook login.
Facebook has reset the access tokens of almost 50 million accounts it knew were affected. It has also taken the precautionary step of resetting access tokens for another 40 million accounts that have been subject to "View As" look-up in the last year.
"For now, logging out and back in is all that is necessary. The truly concerned should use this as a reminder and an opportunity to review all of their security and privacy settings on Facebook and all other social media platforms," Chester Wisniewski, principal research scientist with global cyber security major Sophos, told IANS.
According to Dr Gary McGraw, vice-president of Security Technology, Synopsys (Software Integrity Group), this breach emphasises just how important software security is, and how subtle solid security engineering can be.
"When a feature like 'View As' can be turned on its head into an exploit, it indicates a design problem that led to unanticipated security vulnerability," noted Dr McGraw.
"Design flaws like this lurk in the mind boggling complexity of today's commercial systems, and must be systematically uncovered and corrected when software is being designed and built," he added.
If you've ever wondered what keeps you logged into your account even after you restart your laptop/browser - those are access tokens (cookies).
They maintain a constant session even when your IP changes.
"In this case, hackers were able to steal these tokens, which basically means the hacker could fool Facebook servers to believe they are the authorised users of the target's account that would give the attacker, complete access of the target's account," said Saket Modi, CEO and co-founder of Lucideus, an IT risk assessment and digital security services provider.
According to experts, they don't know for how long the vulnerability existed, who the hackers were and the extent of damage that might have been caused in terms of stealing not only one's profile data but, in this case, potentially the personal messages, pictures and chats, among others.
"As a precaution, all Facebook users must log out and re-login into all the gadgets that they have their Facebook session active like your cell phone (app or browser), laptop and desktop, etc," Modi advised.
Facebook said it does not know who is behind this massive security attack.
"We're working hard to better understand these details and "we will update this post when we have more information, or if the facts change," said the company.
In the Cambridge Analytica scandal, data of nearly 87 million people was breached upon.
A police statement said that a vehicle was hit by a blast in the Bijapur district of Chhattisgarh
asia1 hour ago
We have seen United play well in big games and then lose or draw a series of subsequent fixtures
football1 hour ago
The waves will be slight to moderate at times in the Arabian Gulf and slight in Oman Sea
weather1 hour ago
Sheikh Abdullah highlighted the importance of providing all factors of security and stability for Syria's people for a future of prosperity, progress and development
uae2 hours ago
If convicted, Sarkozy faces up to 10 years in prison for charges of concealing embezzlement of public funds and illegal campaign financing
mena2 hours ago
Sheikh Hamdan said he looked forward to the department being a 'beacon of excellence and innovation'
uae2 hours ago
The announcement marks a dramatic reversal for the president who has long been critical of the FPO and has clashed with its leader Herbert Kickl
europe2 hours ago
More than 100 hostages are still believed to be held in Gaza
mena2 hours ago