As Hamel and Moore demonstrated at the Black Hat Conference, users do not even have to have the configuration information of the social network to attack, and do not have to have an account. You can send photos of others to the Internet and get online information to build convincing information.
Second, manufacturing spam and botnets
Spam manufacturing has become a huge industry, advertising, click fraud, botnets need to effectively spread their messages, malware ( A mechanism of either or both. Attackers have long entered the social networking community like locusts, hijacking user accounts, and using their address books to spread spam, worms or other malware.
It can be seen that more and more malware is being placed in spam as an attachment. This can be clearly seen in famous social networking sites abroad. This type of email is characterized by attracting people who don’t know the truth to a "special" web page, such as enticing a user to click on a wonderful video link, which is actually a download link for a Trojan horse that will sneak up on malware. Download to the user's computer and turn this computer into a member of the botnet.
Third, the modified social network application
Users do not think too much about installing the application into their browser, but these applications may be accessed The ability of the user's system, and some of the user's extremely private information may be stored in its own system, the danger is obvious. However, there are always some users who think that installing these applications is not a big deal.
This makes third-party applications an easy tool for attackers. In addition, third-party application services have also enabled code-based attacks.
But it's not that all social networking virtual tools are malicious. Opensocial, an open social networking site, offers tool developers the option of limiting malicious JavaScript in their applications, but unskilled developers don't know how to use them. These are just a few of the options, and few developers use this tool. The end result is that developers who are not sensitive to security can build applications that are as fast as wildfires on hay.
IV. Cross-mixing of personal information and professional information
Even if the user uses the account information of the social networking site for private use, and the account of another social networking site is used for the professional network, This also does not guarantee that the former picture will not appear in the latter's account, or even "run" into the boss's mailbox. Consider an open social network, whether it's a picture or a work experience, you can copy and paste it everywhere.
V. Cross-site scripting attacks or cross-site request forgery
Cross-site scripting attacks and cross-site request forgery vulnerabilities are obvious attack tools, and some social network worms use cross-site scripting attacks. Vulnerabilities help spread it. However, most social networks have mechanisms for dealing with cross-site scripting attacks. Cross-site request forgery is not yet popular.
Cross-site scripting attacks and cross-site request forgery pose no significant risk to social networking sites. In a cross-site scripting attack, malicious code is injected into a vulnerable web application, and users viewing those pages are "blacked out." In cross-site request forgery, an attacker would trick the user's browser into making a request for login.
Be aware that at any time, an attacker can force a user to load HTML code. The potential threat is that an attacker exploits a browser vulnerability through XSS/CSRF, infects a botnet, and manipulates user accounts.
Cross-site request forgery attacks can jump between multiple social networking sites, and when a user logs in, the attack can spread from one social network to another. In general, cross-site request forgery attacks are a kind of hacking behavior that people ignore.
For Windows XP, because it uses the NT core with high security performance, the system runs fairly s
2. Backup the current BIOS The backup BIOS parameter is b, the command format is nvflash -b, that is
The rookie always has a lot of confusion and doubts in the process of playing computer. This is not
Usually when we use Windows XP, we must always log in first. The login authentication mechanism of W
In Windows Vista, how to find the picture in the picture
How to solve the problem that the file cannot be accessed after the system is reinstalled
Is there any way to block the Windows XP operating system daemon
Change the XP system configuration to make the system run faster (2)
Windows XP Management System Process Optimize System Resources
How to thoroughly optimize the computer's full Raiders skills
Xp implements a convenient method for automatic restart
What causes the system's icon to display anomalies.
9 major reasons and solutions for high CPU usage
It is forbidden to modify XP file attributes to make files no longer leaked
No password Win7 directly into the system
Teach you to adjust the Windows 7 taskbar
The five major categories of Windows 7 suspended animation and countermeasures (1)
Win10 RTM has started to push to Windows Insiders users for free
Perfectly solve all problems of Chinese Vista sidebar weather
Win10 preview version 9860 Skype does not load how to fix
How to use Win7 task manager to judge whether the process can be closed
Win7 Ultimate system set the power-on password prompt Windows can not change the password solution
Unity users use WinXP again over Win7 system
What should I do if the win10 taskbar does not respond to black bars?