Facebook has repaired a vulnerability in its Instagram social media platform, after a researcher found that it could be exploited to link users’ phone numbers to their account numbers, usernames and actual names. With the help a brute-force algorithm and a network of bots, malicious actors could have leveraged the flaw to bypass data security…
The cyberespionage group Stealth Falcon is using a previously unreported binary backdoor along with Windows BITS to communicate with its command and controls server. The revelation was made by ESET researchers who came across the backdoor, which it named Win32/StealthFalcon, which the security firm believes has many similarities with another PowerShell script with backdoor capabilities…
In the runup to the 2020 presidential election Facebook shared additional steps it is taking to help ensure campaign ads are properly attributed and vetted. Katie Harbath, Facebook’s public policy director, global elections, said the changes include strengthening the authorization process for U.S. advertisers and showing users more information about each advertiser. This includes placing…
The person behind the massive Capital One data breach that exposed more than 100 million records will go before a federal judge on Friday and ask to be released on bail. The transgender Paige Thompson, who identifies as female, is expected to say that being held in jail with male inmates is a threat to…
An Oxford University scholar says he was able to trick dozens of European companies into sending him sensitive data about his fiancée, simply by impersonating her while invoking GDPR’s “Right of Access” policy. Doctor of philosophy student James Pavur, who presented his research findings Thursday at the Black Hat conference in Las Vegas, exploited the policy…
GDPR’s impact since its rollout last year is somewhat hard to measure, but Tripwire decided to conduct several quick surveys on Twitter to measure how consumers and businesses view the privacy regulations impact in light of the recent fines levied against British Airways and Marriott. The overall take from the 400 people surveyed was not…
Facebook, Google, IBM, and Microsoft have all reportedly “aggressively lobbied” the current administration to start developing a federal privacy mandate. Recently, Cisco joined that chorus of tech giants (“Big Tech”) calling for stronger American privacy laws. Intel has gone a few steps further, drafting its own version of a U.S. privacy bill and opening an…
Apple will temporarily suspend its practice of allowing human contractors to grade snippets recordings of Siri conversations for accuracy. The move follows a Guardian report in which a former worker claimed contractors regularly hear confidential medical information, drug deals, and recordings of couples having sex” as part of their job. While Apple says user requests…
The U.S. Federal Trade Commission today announced that it has penalized Facebook $5 billion as punishment for what it described as deceptive privacy practices, and imposed new restrictions on the social media giant. Facebook likewise announced that it has agreed to the terms of the deal. In conjunction, the Department of Justice officially filed a…
Hackers reportedly stole 7.5 TB of data from a contractor for the Russian intelligence service FSB, and revealed details on several of its activities or prospective projects, including the collecting of information on users of social media services, Tor and P2P networks. The contractor, SyTech, has worked for FSB’s radio-electronic intelligence unit 71330 since 2009,…
