LinkedIn Security Blog

  • Finding Same Origin Method Execution Vulnerabilities

    October 19, 2016

    This summer I had the privilege of interning on LinkedIn’s House Security team. During this period I was tasked to analyze the details of a relatively new class of vulnerabilities, and create a BurpSuite extension that would help identify problematic sites. In addition to open-sourcing the extension, we want to shed some more light on Same Origin Method...

  • Who Are You? A Statistical Approach to Protecting LinkedIn Logins

    January 22, 2016

    Can you spot your LinkedIn password in the above image? Is your password on LinkedIn the same as another website? Have you been a victim of a phishing attempt? If so, your username and password might be in an attacker’s database without you even knowing it! Not to fear though — LinkedIn works hard to protect member accounts against attackers who have your...

  • Abusing CSS Selectors to Perform UI Redressing Attacks

    November 23, 2015

    Earlier this year, we received an interesting security advisory from Ruben van Vreeland regarding an issue discovered within our publishing platform. The technique Ruben described is unique and exemplifies the creativity needed to produce high-quality research. We analyzed his report and resolved the vulnerability. While we typically do not talk about bugs that...

  • Removing Fake Accounts from LinkedIn

    November 20, 2015

    Integrity of the platform is of the utmost importance to LinkedIn. When members interact with other members on LinkedIn, they expect...

  • Introducing QARK

    August 17, 2015

    Last week, at DefCon 23 and BlackHat USA 2015, LinkedIn's House Security team announced the release of an alpha version of QARK, the...

  • Debrief from Black Hat - The Tactical Application Security ...

    August 7, 2015

    This week, members of LinkedIn’s security team descended on Las Vegas to participate in Black Hat. My colleague Cory and I presented a...