Facebook vulnerability allowed access to personal and payment information

Bitdefender has discovered a significant vulnerability within Facebook which allowed access to any user account through simple social login manipulation. The attacker was able to gain access to personal user information, a contacts list for potential malware distribution and payment information – allowing purchases to be made in the user’s name. Attack vector The attack vector in this case – social logins – are an alternative to traditional authentication. This form of access offers users … More →
from Help Net Security http://ift.tt/23YrlpP