Security Breach in Ning (Largest Platform for Creating Social Websites) 100 Million Users Affected

Security Breach in Ning (Largest Platform for Creating Social Websites) 100 Million Users Affected 

Social networking company Ning is reportedly suffering from security problem that could affect 100 million users. Three students from the junior college Media College Amsterdam (MA) together discovered five security holes in Ning. They found those security vulnerabity immediately   after the social network platform launched at their school. In a report Dutch security firm - Angelo Geels and Alex Brouwer have exploited cookies to gain login control over Ning user accounts. They used a proof of concept that showed they could access 90,000 accounts and 100 million users, but had no intention of exploiting it for malicious purposes.
The first problem was that the boys were not so serious but annoying. People who can put a blog which is to deface the site through the HTML section on the website the html element 'div' with content sites. Thus, for example, an overlay on the website come with in the case of the website of the Media College a cat Nyan. Then became the administrator of the website is still unknown hackers through the community called for pie for dinner. The boys did, admitted that they had hacked the code, but then decided to go further to look for any other problems on Ning, so said the hackers in an extensive interview with Webwereld.
Soon they discovered that Ning sites very susceptible to cross site scripting (XSS). The MBO students of 17 and 18 were four non-persistent or reflective cross-site scripting vulnerabilities in the site. Which run over several pages on the website. For example, via a link to a specific comment, so with code, or a cancel link containing a standard URL to the previous page. For detail information about the story click here.



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

LINK TO OUR HOME PAGE :
Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ's in their mind they can Contact Us. Also you can read our Privacy Policy for more info. Thank You ! -Team VOGH
If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You! -Team VOGH

Categories: , ,

0 comments:

Post a Comment

Related Posts Plugin for WordPress, Blogger...