Facebook bug hunter finds a backdoor left by hackers on corporate server

When Orange Tsai set out to participate in Facebook’s bug bounty program in February, he successfully managed to gain access to one of Facebook’s corporate servers. But once in, he realized that malicious hackers had beaten him to it.

Tsai, a consultant with Taiwanese penetration testing outfit Devcore, had started by mapping Facebook’s online properties, which extend beyond user-facing services like facebook.com or instagram.com.

One server that caught his attention was files.fb.com, which hosted a secure file transfer application made by enterprise software vendor Accellion and was presumably used by Facebook employees for file sharing and collaboration.

To read this article in full or to leave a comment, please click here


Original URL: http://www.computerworld.com/article/3060623/security/facebook-bug-hunter-finds-a-backdoor-left-by-hackers-on-corporate-server.html#tk.rss_all

Original article

Comments are closed.

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑

%d bloggers like this: