+ - Facebook's URL Scanner Vulnerable to Cloaking Atta->
Submitted
by
itwbennett
itwbennett writes ""Hatter," a member of hacking think-tank Blackhat Academy, provided a live demonstration, which involved posting the URL to a JPEG file on a wall. Facebook crawled the URL and added a thumbnail image to the wall post, however, clicking on its corresponding link actually redirected users to YouTube. This happened because the destination page was able to identify Facebook's original request and served a JPEG file. Earlier this week, Facebook signed a partnership with Websense to use the security vendor's cloud-based, real-time Web scanner for malicious URL detection. Blackhat Academy has now provided proof-of-concept code, which, according to its advisory, can be used to bypass it."
Link to Original Source
Link to Original Source
Facebook's URL Scanner Vulnerable to Cloaking Atta More Login
Facebook's URL Scanner Vulnerable to Cloaking Atta