Informationweek Influencer
Ryan Dewhurst (@ethicalhack3r)
- Twitter Bio:
- Ethical Hacking Graduate / Security Enthusiast / Security Engineer
- Location:
- UK-FR-ES
- Website:
- http://www.dewhurstsecurity.com/
Ryan Dewhurst's Selections From the Web
Every year the security community produces a stunning amount of new Web hacking techniques that are published in various white papers, blog posts, magazine articles, mailing list emails, conference presentations, etc. Within the thousands of pages are the latest ways to attack websites, Web browsers, Web proxies, and their mobile platform equivilents. Beyond individual vulnerabilities with CVE numbers or system compromises, here we are solely focused on new and creative methods of Web-based attack. Now it its seventh year, The Top Ten Web Hacking Techniques list encourages information sharing, provides a centralized knowledge-base, and recognizes
This flaw allowed me to take a full control over any Facebook account, By exploiting this flaw I could steal unique access tokens that provides me full control over any Facebook account, just to clarify there is no need for any installed apps on the victim's account, Even if the victim never allowed any application in his Facebook account, I could still be getting full permissions (This bug works on any browser) To make this exploit work, The victim only need to visit a webpage,So OAuth is used by Facebook to communicate between Applications and Facebook users, Usally users must allow/accept the application request to access their account
It appears that we are well on our way to the “Summer of Breach 2012″ as site after site falls and password hashes leak out all over the tubes of the internet.
In a bid to keep track I decided to put up a scorecard of sorts to help keep track. This is the list that I have so far.
Upcoming Events
Live Events
- I Can See Clearly Now - E2 Conference Boston
- Get practical strategies to build a solid plan for profitability and success - Mobile Commerce World - Mobile Commerce World
- Learn how to enage customers through mobility - Mobile Commerce World - Mobile Commerce World
- Learn how to best integrate mobile commerce with your current systems -- Mobile Commerce World - Mobile Commerce World
- How to Choose a SaaS Vendor - E2 Conference Boston
This Week's Issue
Free Print Subscription
SubscribeSpecial Issue
Current Government Issue
- The Government CIO 25: These influential and accomplished government IT leaders are finding ways to be cost efficient and still innovate.
- Rethink Video Surveillance: It's not just about networked cameras anymore. New technology provides analytics, automation, facial recognition, real-time alerts and situational-awareness capabilities.
- Read the Current Issue
Related Whitepapers
Related Reports
