123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> Computers >> View Article

Security Professional Exposes Vulnerability On Professional Networking Site

Profile Picture
By Author: eccuni
Total Articles: 211
Comment this article
Facebook ShareTwitter ShareGoogle+ ShareTwitter Share

Over the recent years, social media sites have grown in popularity and usage. Professionals and businesses are also leveraging the benefits offered by these sites to promote their professional and business interests. However, the popularity and loads of information available on these sites has made them one of the favorite targets for cybercriminals. Attackers take advantage of user negligence and security vulnerabilities on the sites to gain access to confidential information, spread spam and mislead users. Recently, a security researcher identified security vulnerabilities on LinkedIn's website. LinkedIn is one of the popular networking sites used by professionals. The vulnerability could allow attackers to gain access to user accounts without providing login credentials. Reuters first reported the security flaw, identified by Rishi Narang, an independent security researcher based in India. The vulnerability is associated with cookie management by LinkedIn. Cookies are files placed on a user's computer system by websites. These files may contain information regarding the sites visited by Internet users. Usually, session ...
... cookies expire within a reasonable period depending on the log in activity, while persistent cookies remain for a longer duration on a user's computer system. In the case of LinkedIn, the researcher identified that cookies do not expire for a period of one year from their creation. If attackers gain access to cookies stored for user authentication, they may misuse the same for gaining unauthorized to user accounts on a website. A user account may contain sensitive data such as names, date of births, photographs, e-mail addresses, and contact numbers, list of friends, hobbies or areas of expertise and employment details. Attackers may extract or alter contents of the compromised user account, send arbitrary messages impersonating as a legitimate user, extract details from accounts of user's friends listed on the site, spread spam messages and malicious links.

Social media sites are prone to regular attacks by cybercriminals. Facebook and Twitter, in particular have been the favorite targets of attackers. With increase in popularity of other sites, cybercriminals may attempt to exploit weaknesses and security flaws to defraud users. As such, social media sites must be proactive in identifying and mitigating threat vectors through regular security audits by professionals qualified in penetration testing and masters of security science.

Internet users must use strong and unique passwords, and be wary of divulging personal and financial information on social media sites. Social media sites may encourage safe usage of the sites by users by sending e-flyers, security alerts, scam alerts, and creating awareness on privacy threats, and proper use of privacy settings.

Organizations must advise employees on the precautions to be adhered while accessing social media sites on work computers. They may limit the information divulged on the professional networking sites as cybercriminals may use social engineering techniques to extract privileged business information from employees. Mandatory e-learning and online degree programs on cyber security may help employees understand security threats and implement safe online computing practices.

Security professionals may benefit from online university degree programs to update themselves on best information security and website security mechanisms and strengthen the defenses of the organizations against vibrant threats emanating from the cyber space.

Total Views: 161Word Count: 525See All articles From Author

Add Comment

Computers Articles

1. Exploring How Ai In The Cloud Can Transform Your Business
Author: TechDogs

2. The Power Of Cloud And Ai: A New Era Of Collaboration
Author: TechDogs

3. Get Business Insights Using Expedia & Booking. Com Review Data Scraping
Author: DataZivot

4. Top 10 Reasons A Strong Communication Strategy Drives Prm Program Success
Author: Archi

5. Achieve Scalable Web Scraping With Aws Lambda
Author: Devil Brown

6. Overcoming Common Challenges In Iso 27001 Implementation
Author: Jenna Miller

7. Basic Computer Course: Your Gateway To Skill Development | The Institute Of Professional Accountants
Author: Tipa Institute

8. Top 7 Advantages Of React Js
Author: Bella Stone

9. Top 7 App Marketing Tools For Mobile Success
Author: Bella Stone

10. Revolutionizing Education Management With Samphire It Solution Pvt Ltd’s Erp Software
Author: CONTENT EDITOR FOR SAMPHIRE IT SOLUTIONS PVT LTD

11. Top 10 Healthcare Technology Trends
Author: goodcoders

12. "building Tomorrow’s Factories: The Role Of Automation & Robotics In Modern Manufacturing"
Author: andrew smith

13. The Ultimate Guide To The Best Ecommerce Plugin For Wordpress
Author: Rocket Press

14. Xsosys Erp: A Scalable Solution For Businesses In Any Industry
Author: Xsosys Technology(S) Pte. Ltd.

15. Rental Management Software: A Complete Solution For Car, Property, And Coworking Space
Author: RentAAA

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: