Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Exploit for Android same origin policy flaw is leveraged against Facebook users

Exploit for Android same origin policy flaw is leveraged against Facebook users

2014/12/27

Softpedia - (International) Researchers with Trend Micro, Facebook, and BlackBerry are working to detect and resolve an attack targeting Facebook users using a campaign relying on a Blackberry app to steal access tokens which uses the same origin policy (SOP) exploit flaw in the Web browser of the Android OS lower than 4.4. The attackers rely on the vulnerability to serve a malicious JavaScript file to victims which is stored in a cloud storage account.

Source: http://news.softpedia.com/news/Exploit-for-Android-Same-Origin-Policy-Is-Leveraged-Against-Facebook-Users-468351.shtml

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:22:57