Get a Pentest and security assessment of your IT network.

News

How I Could Compromise 4% (Locked) Instagram Accounts Arne Swinnen’s Security Blog

Missing authentication combined with a simple Insecure Direct Object Reference vulnerability allowed to overtake a selection of temporary locked Instagram accounts. An extrapolation of the PoC account range learned that 4% of all existing & active Instagram accounts (approx. 500 million) were in a vulnerable locked state. Facebook fixed the vulnerability within a day and granted a $5,000 bounty 10 days later. The required trust relationship between researchers and bug bounty providers in the eco-system relies on this, which is still too often under pressure currently.”]

Source: https://www.arneswinnen.net/2016/03/how-i-could-compromise-4-locked-instagram-accounts/

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Botnet authors use Evernote account as C&C Server

News

Canadian agency breached as hackers exploit CVE-2017-5638 flaw in Apache Struts 2