November 12, 2014

Why is Facebook this Slow to Patch Security Holes?

How secure do you think Facebook is? It turns out Facebook doesn’t even patch holes that were directly reported to it, even after almost a year of knowing about them!

Today, LIFARS was contacted by a developer from India, Vivek Bansal. He told us that about 11 months ago, he managed to hack Facebook and post on other people’s behalf. He reported this to Facebook and was awarded $2000 for his discovery. However, almost a year later, the bug is still there, even though Facebook claimed to have patched it.

Vivek was surprised to find out recently that he could still hack the social media giant using the very same script he had submitted to them. This, of course, raises questions about how much emphasis giants like Facebook, and possibly others, put on security.

Watch as Vivek demonstrates his attack in the video below:

 
