{"id":5913,"date":"2018-11-14T10:04:53","date_gmt":"2018-11-14T15:04:53","guid":{"rendered":"http:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/?p=5913"},"modified":"2018-11-14T10:04:53","modified_gmt":"2018-11-14T15:04:53","slug":"another-facebook-bug-could-have-exposed-your-private-information","status":"publish","type":"post","link":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/2018\/11\/14\/another-facebook-bug-could-have-exposed-your-private-information\/","title":{"rendered":"Another Facebook Bug Could Have Exposed Your Private Information"},"content":{"rendered":"<p>The security company Imperva has released new details on a Facebook vulnerability that could have exposed user data. The bug allowed websites to obtain private information about Facebook users and their friends through unauthorized access to a company API, playing off a specific behavior in the Chrome browser. The bug was disclosed to Facebook and resolved in May.<\/p>\n<p id=\"asHMlG\">In technical terms, the attack is<span class=\"apple-converted-space\">\u00a0<\/span>a cross-site request forgery, using a legitimate Facebook login in unauthorized ways. For the attack to work, a Facebook user must visit a malicious website with Chrome, and then click anywhere on the site while logged into Facebook. From there, attackers could open a new pop-up or tab to the Facebook search page and run any number of queries to extract personal information.<\/p>\n<p>https:\/\/thehackernews.com\/2018\/11\/facebook-vulnerability-hack.html<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The security company Imperva has released new details on a Facebook vulnerability that could have exposed user data. The bug allowed websites to obtain private information about Facebook users and their friends through unauthorized access to a company API, playing off a specific behavior in the Chrome browser. The bug was disclosed to Facebook and [&hellip;]<\/p>\n","protected":false},"author":17266,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[716936],"tags":[],"class_list":{"0":"post-5913","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-week-11-it-risk","7":"entry"},"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/wp-json\/wp\/v2\/posts\/5913","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/wp-json\/wp\/v2\/users\/17266"}],"replies":[{"embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/wp-json\/wp\/v2\/comments?post=5913"}],"version-history":[{"count":1,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/wp-json\/wp\/v2\/posts\/5913\/revisions"}],"predecessor-version":[{"id":5914,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/wp-json\/wp\/v2\/posts\/5913\/revisions\/5914"}],"wp:attachment":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/wp-json\/wp\/v2\/media?parent=5913"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/wp-json\/wp\/v2\/categories?post=5913"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec001fall2018\/wp-json\/wp\/v2\/tags?post=5913"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}