MySpace begins its month of independent security tests

A group of hackers has kicked off its month of MySpace vulnerabilities, which it hopes will make more of a splash than January’s month of bugs for Apple’s software.

But they acknowledge they’ve started off with a softball, as the first one revealed on Sunday isn’t too dangerous, they wrote.

The problem involves URL (Uniform Resource Locator) spoofing. An attacker could build an official-looking MySpace page using MySpace’s CSS (Cascading Style Sheets) editing features that’s designed to solicit a person’s log-in details. The fake page could have a URL that reads “www. myspace. com/PasswordReset.”

Leave a Reply