Isn’t it scary to think that anyone can book rides using your Uber account and pay using your PayTM wallet? Well, it might be happening right here, right now as you read through this article. Mohit Bagga and Tajinder Pal Singh Chouhan of CodeBibber recently stumbled upon a security breach in Facebook login protocol that websites are using for authenticating the user, which can expose your data on multiple platforms. In simple words, whenever you choose the “Login through Facebook” option on any website or mobile app, you expose every other account where you logged in through Facebook. “We were hacking around the Facebook login that gives us the access token. We wondered if we could post other login requests to Zomato and Snapdeal as to see if they accept the token because it is a valid token for Facebook. We tried and were successfully logged in,” said Mohit Bagga, co-founder and CTO, CodeBibber. He added that they did several checks on various platforms before confirming this claim. “We have a toolbox that gives you total control over headers and parameters that you want to pass through the server and we use mitm-proxy (man in the middle proxy or a […]
For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com
The post Here’s how ‘Login through Facebook’ is a serious cyber security threat! appeared first on National Cyber Security.
View full post on National Cyber Security