They initially reported the bug to Dropbox through its HackerOne program, where hackers report vulnerabilities for companies and get paid bounties for reporting them. The vulnerability was discovered in September by a group of Polish security researchers known as GDIY (pronounced “giddy”). If the attackers entered incorrect passwords multiple times, they were able to bypass security checks and access private photos stored on the victims’ devices. The bug occurred when attackers used a flaw in how the application checked whether users had typed in their passwords correctly. Just ask the programmers who created the form that allowed hackers to steal hundreds of nude pictures from more than 200 celebrities in October 2017, including Jennifer Lawrence and Kate Upton. Comments Off on How Form Validation Bug Caused Massive Dropbox Nudes Leakįorm validation is an important part of designing any kind of software, but it can be a difficult problem to solve.How Form Validation Bug Caused Massive Dropbox Nudes Leak
0 kommentar(er)
