U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Cyber Crime

Facebook compromised by zero-day Java exploit

In this last months we have registered numerous clamorous attacks against intelligence agencies, government offices, media and social networking platforms. Twitter was last victim in order of time but the thought of security experts was focuses of Facebook, the biggest social networking with more than 1 billion members, a mine of information related to the […]

Facebook compromised by zero-day Java exploit

In this last months we have registered numerous clamorous attacks against intelligence agencies, government offices, media and social networking platforms. Twitter was last victim in order of time but the thought of security experts was focuses of Facebook, the biggest social networking with more than 1 billion members, a mine of information related to the widest audience of users. Facebook is a single application that manages an impressive number of information of data and so it represents a privileged target for attackers.

Facebook company revealed on Friday that it has been hit in January by an unidentified group of hackers, fortunately no user information was compromised during the attack.

What is really interesting is the level of sophistication of the malware based attack that eluded security defense, it compromised the developer’s website and infected the employees machine when visited it.

The laptops infected were fully-patched and running up-to-date anti-virus software occurrence that suggests attacker have exploited zero day vulnerabilities hosting an exploit on the web site.

The official statements reports:

“Facebook, like every significant internet service, is frequently targeted by those who want to disrupt or access our data and infrastructure. As such, we invest heavily in preventing, detecting, and responding to threats that target our infrastructure, and we never stop working to protect the people who use our service. The vast majority of the time, we are successful in preventing harm before it happens, and our security team works to quickly and effectively investigate and stop abuse.

Last month, Facebook Security discovered that our systems had been targeted in a sophisticated attack. This attack occurred when a handful of employees visited a mobile developer website that was compromised. The compromised website hosted an exploit which then allowed malware to be installed on these employee laptops. The laptops were fully-patched and running up-to-date anti-virus software. As soon as we discovered the presence of the malware, we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day.”

Facebook advisory confirmed that security teams of the company are very active in the fight to cyber threats thanks to an intense collaboration with law enforcement and security teams of other companies. The attacks seems to have exploited a zero-day Java software vulnerability well before the official announcement provided by Oracle company.

“After analyzing the compromised website where the attack originated, we found it was using a “zero-day” (previously unseen) exploit to bypass the Java sandbox (built-in protections) to install the malware. We immediately reported the exploit to Oracle, and they confirmed our findings and provided a patch on February 1, 2013, that addresses this vulnerability.”

The investigation are still ongoing as confirmed by Facebook

We will continue to work with law enforcement and the other organizations and entities affected by this attack. It is in everyone’s interests for our industry to work together to prevent attacks such as these in the future.”

Pierluigi Paganini