website vulnerability

Experts found a new bug in Facebook login system that allowed attackers to match random email addresses with users’ first and last names in spite of members’ actions taken to protect their privacy. Such a bug could have been exploited by social-engineering scammers, phishers, or anyone who has ever been curious about the person behind an anonymous email message. If the address belongs to any one of the 500 million active users on Facebook, the social-networking site will return the full name and picture associated with the account.

As Gary Locke, the US Commerce Secretary announced Monday, he has a firm belief the long-term health of the US economy would be positive despite concerns raised by the sovereign debt crisis in Europe.

“It's obviously a fragile economy and we're really feeling the effects of what's happening in Europe as well as some of the concerns on Asia, but the fundamentals of the US economy are strong,'' Locke said.

Google has released a new application developed to search for vulnerabilities in the websites. An open source security scanner known as Skipfish was designed as "security reconnaissance tool". It generates an interactive map of an application based on checks for certain security flaws, involving everything from self-signed SSL certificates to server-side SQL and XML injection.

While the scanner performs a recursive crawl of a site, it can also probe a list of pre-defined links.