Home > IT Blogs > Irregular Expressions/

Irregular Expressions:

facebook

1
March 30, 2012  1:18 AM

Facebook Forensics



Posted by: Dan O'Connor
facebook, Forensics

Yay for forensics. http://www.wired.com/threatlevel/2012/03/facebook-ownership-forensics/ Faking forensic data seems simple from the outside but when you really get to the nitty gritty it is not the simplest problem to solve. This case revolves around a contract that gives him half owner ship...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

November 9, 2010  11:52 PM

The evolution of facebook click jacking



Posted by: Dan O'Connor
click jacking, clickjacking, facebook

How much further can click jacking in facebook go? Right now the main ones that I have seen are working to either gather information (or just a prof of concept) and try to use a browser vulnerability on the redirected page to infect the host. Another from the Sophos blog tries to get you on a...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

October 29, 2010  12:10 AM

facebook session hijacking



Posted by: Dan O'Connor
facebook, hijack

I love it when people do all of the work for you. http://codebutler.github.com/firesheep/ Firesheep is a FireFox plugin to hijack FB session, it looks really good. There is a slide show here http://codebutler.github.com/firesheep/tc12/ With a short demo. Here is a shot of the...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

October 25, 2010  11:15 PM

How much is too much with facebook?



Posted by: Dan O'Connor
facebook

Interesting note, applications can permit access to your 'personal' information on facebook.  Not only your information directly, but if one of your friends has the application installed, it will have access to their friends data. Is that really something that users need? Not really. Now...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

October 13, 2010  7:10 PM

One more facebook thing



Posted by: Dan O'Connor
facebook

I have talked about creating fake facebook profiles to gather information from people. But I saw a couple things in the last two weeks that I thought was neat. http://www.networkworld.com/news/2010/091910-interpol-chief-has-facebook-identity.html That is too funny, it sounds like who ever did...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

October 12, 2010  8:25 PM

Some more stuff with facebook



Posted by: Dan O'Connor
facebook

A little older post from isc.sans.edu about more 'like' stuff at facebook. http://isc.sans.edu/diary.html?storyid=9556 Not exactly the same as what I previously posted, but it's something else to read. Sure can make facebook live up to it's number two threat vector on the internet. I...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

October 3, 2010  12:21 AM

Something is a miss with Java Script!



Posted by: Dan O'Connor
exploits, facebook, java script

Something strange is going around the facebooks in the last couple days, I noticed a few people posting this 'like' but did not pay much attention to it. http://mashable.com/2010/10/01/warning-facebook-like-worm-spreading-through-javascript-exploit/ The story says that it does not appear to...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

July 18, 2010  12:33 AM

Excellent work up of a facebook vulnerability



Posted by: Dan O'Connor
facebook, facebook sql, inj3ct0r, inj3ct0r facebook

The inj3ct0r team did a real good job with this write up, http://inj3ct0r.com/exploits/11638 In the next few days I will pull a few quotes out of it and try to expand a little more on whats going on. Enjoy!

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

1