MySpace



Mike Mimoso and Chris Brook discuss the news of the week, including the back and forth around whether or not TeamViewer was hacked, the fallout around the years-old MySpace and Tumblr breaches, and a 90K Windows zero day.

A SQL injection flaw has been discovered in Rockyou.com – a social networking application development website used by app developers for Bebo, Facebook and Myspace; The flaw could have allowed hackers access to the 32 million usernames and passwords. Read the full article. [eWEEK Europe]

Facebook administrators have blocked a clickjacking exploit that
displayed images of a scantily clad woman on profile pages without
first prompting the user for permission. Read the full article. [The Register]

The latest MySpace attack tries to lure recipients into giving up their
MySpace credentials, and then attempts to trick victims into installing
password-stealing malicious software. Attackers began blasting out the junk e-mails early Monday, according to researchers at the University of Alabama, Birmingham, Researchers at the school so far have tracked more than 30 Web site names associated with this attack, each beginning with “accounts.myspace.com” and ending in a United Kingdom country code domain (.uk). Read the full article. [Washington Post] 

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.