Security vulnerability found in Instagram app

Users of the popular photo-sharing app Instagram may want to think twice before posting and sharing their photos, after a vulnerability was found recently in the software.

Security vendor GFI Labs said the flaw found by security researcher Sebastian Guerrero allows an attacker to add himself as a prospective victim's "friend."

"(This can potentially give) attackers access not only to personal information that can readily by stolen but also to photos that are marked as Private," it quoted Guerrero as saying.

It noted Guerrero aptly named the flaw a "Friendship Vulnerability.“

Citing Guerrero's findings, GFI said the flaw stemmed from a programming mistake that led the app to mishandle the process of authorizing friend requests.

Potentially, it said attackers can brute-force their way into a target’s Instagram account without their permission.

GFI posted screenshots of Guerrero's proof-of-concept where his test account managed to add itself to the Instagram accounts of celebrities like Kim Kardashian. — TJD, GMA News

Editor’s note:Yahoo Philippines encourages responsible comments that add dimension to the discussion. No bashing or hate speech, please. You can express your opinion without slamming others or making derogatory remarks.

  • Ayungin dilemma Ramon Casiple - Parallaxis
    Ayungin dilemma

    China faces a dilemma in Ayungin Shoal and other contested areas. If it waits for the ITLOS—which may decide against it—it would have tacitly bound itself to UNCLOS and risk a rogue state reputation if it asserts its claim in the South China Sea. If its militarily acts now, it may face international isolation. …

  • 48 nabbed in biggest anti-trafficking catch in Bongao VERA Files - The Inbox
    48 nabbed in biggest anti-trafficking catch in Bongao

    By Jake Soriano, VERA Files Bongao, Tawi-tawi—A team of Marines and policemen intercepted around noon Thursday 48 people, 12 of them minors, believed recruited by a human trafficking syndicate for work in Malaysia. The arrest constitutes what advocates called the … Continue reading → …

  • Docs vow to pay right taxes, make peace with BIR VERA Files - The Inbox
    Docs vow to pay right taxes, make peace with BIR

    By Kiersnerr Gerwin Tacadena, VERA Files Leaders of the medical profession have made peace with their former adversary, the Bureau of Internal Revenue (BIR), and joined forces in a campaign to get doctors to pay the right taxes. BIR Commissioner … Continue reading → …

Poll Choice Options