Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Web Users Reward Researcher Who Exposed Facebook Flaw

SAN FRANCISCO – Internet users have raised more than $11,000 to reward a Palestinian security researcher who hacked into Facebook chief Mark Zuckerberg’s profile to expose a security flaw.

SAN FRANCISCO – Internet users have raised more than $11,000 to reward a Palestinian security researcher who hacked into Facebook chief Mark Zuckerberg’s profile to expose a security flaw.

The fundraising campaign on the website GoFundMe raised $11,045 from 179 people in one day for Khalil Shreateh, and was continuing to take donations after he was denied a “Facebook Bounty.”

“I hope this has raised awareness of the importance of independent researchers,” said Marc Maiffret, a security expert at the firm Beyond Trust who led the effort.

“I equally hope it has reminded other researchers that while working with technology companies can sometimes be frustrating, we can never forget the greater goal; to help the Internet community at large.”

While Facebook offers rewards for those who find security holes, the company said Shreateh went too far by posting the information on Zuckerberg’s own profile page without getting consent.

Shreateh said on his blog he found a way for a Facebook user to circumvent security and modify another’s timeline, even if they were not friends on the network.

He said he took the unusual step of hacking into Zuckerberg’s profile after being ignored by the Facebook security team.

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Vulnerabilities

Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Vulnerabilities

Several vulnerabilities have been patched in OpenText’s enterprise content management (ECM) product.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.