We’re not going on a summer holiday
You know the saying: “If it ain’t broke, don’t fix it.” Cybercriminals seem to have taken that truism to heart, because they continue to reuse the same old scams — and they never fail to find victims. Last summer, social media worldwide were flooded with reposts of fake airline giveaways. We covered it at the time,…
Cambridge Analytica Says it is ‘No Bond Villain’
Cambridge Analytica claimed Tuesday it was “no Bond villain” as it vehemently denied exploiting Facebook users’ data for the election campaign of US President Donald Trump. The marketing analytics firm stressed it had deleted data about Facebook users obtained in breach of the social network’s terms of service. The information had been gathered via a…
New targeted surveillance spyware found on Google Play
A new targeted surveillance app has been found and booted from Google Play. The app, named Dardesh, posed as a chat application and acted as a downloader for a second app that could spy on users. The Dardesh app was spotted and analyzed by Lookout researchers, who dubbed the malware family Desert Scorpion. How was…
Facebook Rolls Out ‘Data Abuse Bounty’ Program
The social media giant also got hit with a lawsuit the day before unveiling its new reward program. All eyes are on Facebook as the company wades its way through a sticky controversy centered on users’ privacy. As CEO Mark Zuckerberg testified before Congress this week regarding the Cambridge Analytica scandal, the social media giant…
How the Facebook privacy debacle is connected to the movement of IAM to containers
Personal data privacy and Facebook have never been comfortable bedfellows. This latest Facebook privacy debacle, where the data of 50 million users was shared without consent, with political marketing consultancy, Cambridge Analytica, may be the final straw. That seemingly little thing, that most people don’t really think too much about, consent, is raising its head above…
Facebook Launches New Anti-Phishing Feature
Facebook announced on Wednesday the introduction of a new security feature designed to help users check if the emails they receive are legitimate or if they have been sent by cybercriminals. When it detects a suspicious login attempt or a password change, Facebook notifies users by sending them an email from the Facebookmail.com domain. Cybercriminals…
Facebook Flaw Allowed Removal of Any Photo
A researcher says he received a $10,000 bounty from Facebook after finding a critical vulnerability that could have been exploited to delete any photo from the social media network. In early November, Facebook announced a new feature for posting polls that include images and GIF animations. Iran-based security researcher and web developer Pouya Darabi analyzed…
Obscuring malicious Facebook links using the Open Graph Protocol
Most users click on links popping up in their Facebook News Feed without thinking twice about it, but it’s good to keep in mind that they can lead to malicious sites. Here’s an example of one flagged by the SANS ISC (Internet Storm Center):
Facebook manifesto redacted to omit plans for AI to monitor private messages
An earlier version of Mark Zuckerberg’s 6,000-word manifesto for Facebook revealed his belief that artificial intelligence could one day be used to monitor private messages for terrorists scheming an attack. The text eventually published by Zuckerberg on Thursday did detail how Facebook is using AI today to flag terrorist propaganda in public posts. However, as…
Facebook Awards $40,000 Bounty for ImageTragick Hack
A researcher claims to have received a $40,000 bounty from Facebook for finding a remote code execution vulnerability introduced by the ImageMagick image processing suite. The said ImageMagick flaw, tracked as CVE-2016-3714 and dubbed “ImageTragick,” was disclosed in May 2016. The security hole had already been exploited in the wild and security firms soon started…