HackDig : Dig high-quality web security articles

Pegasus spyware has been here for years. We must stop ignoring it

On July 18, a group of 17 newspaper and media organizations—aided by Amnesty International’s Security Lab and the research group Citizen Lab—revealed that one of the world’s most advanced and viciously invasive spyware tools had been used to hack, or attempt to hack, into 37 mobile phones owned by human rights activists, journalists, political dissidents, an
Publish At:2021-07-22 08:39 | Read:137 | Comments:0 | Tags:Privacy Amnesty International Amnesty International Security

Microsoft exec reveals “routine” secrecy orders from government investigators

Microsoft executive Tom Burt told Congressional lawmakers Wednesday that Federal law enforcement agencies send “routine” secret orders for customer information from the Seattle-based company, numbering anywhere from 2,400 to 3,500 such requests a year. “While the recent news about secret investigations is shocking, most shocking is just how routine secrec
Publish At:2021-07-01 16:30 | Read:186 | Comments:0 | Tags:Government Apple cloud Department of Justice facebook Google

A Parent’s Guide to Protecting Kids’ Privacy on Social Media

If your kids use social media, as many children do, you may be worried about protecting their privacy. Teenagers may be a bit unconcerned about such things, and may not care who reads their Twitter or Facebook posts, or who sees their photos on Instagram or Snapchat. As a parent, you know how important it is to keep your kids’ online life out of the
Publish At:2021-06-30 12:50 | Read:126 | Comments:0 | Tags:Security & Privacy Facebook Instagram kids privacy Snapchat

Jail for consultant who scraped colossal trove of Alibaba customer data

A billion data points, including the usernames and mobile phone numbers of customers have been siphoned off Alibaba websites by a web crawler. The information has reached us about a week after a court ruling in the case. The court ruling A central Chinese court has ruled that an employee of a consultancy firm was guilty of gathering more than a billion
Publish At:2021-06-16 12:09 | Read:263 | Comments:0 | Tags:Reports Alibaba facebook Taobao web scraping

WhatsApp reverses course, will not limit app functionality

WhatsApp, the end-to-end encrypted messaging service that has lost users, its founders, and a large amount of public goodwill, issued a reversal on its recent privacy policy enforcement measures, clarifying that it will no longer punish users who refuse to share some of their data with the company’s owner, Facebook. Previously, the company said it would r
Publish At:2021-06-01 15:59 | Read:307 | Comments:0 | Tags:Privacy end-to-end encryption facebook whatsapp whatsapp pri

Using Fake Reviews to Find Dangerous Extensions

Fake, positive reviews have infiltrated nearly every corner of life online these days, confusing consumers while offering an unwelcome advantage to fraudsters and sub-par products everywhere. Happily, identifying and tracking these fake reviewer accounts is often the easiest way to spot scams. Here’s the story of how bogus reviews on a counterfeit Micr
Publish At:2021-05-29 13:22 | Read:374 | Comments:0 | Tags:A Little Sunshine Breadcrumbs adobe Amazon brookice100@gmail

“Have I been pwnd?”– What is it and what to do when you *are* pwned

Adobe. Yahoo!. The US Department of Energy (DoE). The New York Times. What these names have in common is that they have all experienced at least one breach in 2013—the year when threat actors started targeting organizations across industries to either steal data for profit or leak them to “teach companies a lesson about cybersecurity.” The
Publish At:2021-05-19 18:08 | Read:475 | Comments:0 | Tags:Awareness 2fa adobe department of energy DoE facebook have i

A week in security (May 10 – 16)

Last week on Malwarebytes Labs, we watched and reported on the Colonial Pipeline ransomware attack as developments of its story unfolded. This attack triggered the White House to refine a planned Executive Order on cybersecurity. We also profiled DarkSide, the ransomware responsible for the Colonial Pipeline attack, and the criminal gang behind it. Speaki
Publish At:2021-05-17 07:29 | Read:443 | Comments:0 | Tags:A week in security a week in security AirTag Amazon robocall

WhatsApp calls and messages will break unless you share data with Facebook

WhatsApp told users last week that there was no need for alarm regarding an upcoming privacy policy deadline, as users who refuse to accept the privacy policy will not have their accounts deleted—they will just have their apps rendered useless, eventually incapable of receiving calls and messages. The planned removal of core features represents a stunning
Publish At:2021-05-14 05:04 | Read:307 | Comments:0 | Tags:Privacy Brian Acton end-to-end encryption facebook Jan Koum

Facebook bans Signal ads that reveal the depth of what it knows about you

Most of our readers are well aware of the fact that the big tech corporations, especially those that run social media know a great deal about us and our behavior. But it rarely hits home how much personal data they have about us and how they can guess, quite correctly, even more. Lots more. Signal came up with an idea to drive that point home. A simple bu
Publish At:2021-05-06 12:59 | Read:419 | Comments:0 | Tags:Malwarebytes news advertising facebook Instagram personal da

Facebook and Instagram Beg Users to Be Allowed to Track Them – Intego Mac Podcast Episode 186

Apple issued emergency security updates to its operating systems to protect against vulnerabilities exploited in the wild. Facebook and Instagram plead to be allowed to track users. And we discuss how QR codes can be switched and could pose risks to users. Apple releases iOS 14.5.1 (and iOS 12.5.3), watchOS 7.4.1, macOS Big Sur 11.3.1A full history of macOS
Publish At:2021-05-06 04:47 | Read:490 | Comments:0 | Tags:Intego Mac Security Podcast Facebook Intego Mac Podcast QR c

A week in security (April 19 – 25)

Last week on Malwarebytes Labs, we interviewed Youssef Sammouda, a 21-year-old bug bounty hunter who is focused on finding vulnerabilities on Facebook. We looked into the CodeCov supply-chain attack, the vulnerabilities in Pulse Secure VPN that are being actively exploited by attackers, and the discovery of SUPERNOVA malware found on a SolarWinds Orion se
Publish At:2021-04-26 07:15 | Read:551 | Comments:0 | Tags:A week in security AI AI ban AirDrop artificial intelligence

The Acme of Thinness – Intego Mac Podcast Episode 184

More bad news about Facebook, more browsers just saying no to FLoC, and we look at Apple’s Spring Loaded product announcements. Coding error allowed attackers to delete Facebook live videoFacebook plans to decline to make statements regarding “scraping incidents” in the futureWordPress may auto-disable Google FLoC, citing “security concern”Am I FLoCed?
Publish At:2021-04-22 07:52 | Read:498 | Comments:0 | Tags:Intego Mac Security Podcast AirTag Facebook iMac

Interview with a bug bounty hunter: Youssef Sammouda

Behind the scenes there are many people working in cyber-security that make the internet a safer place. Youssef Sammouda is one of these people. He has submitted at least a hundred reports to Facebook which have been resolved, making Facebook a safer platform along the way. Generally speaking, people may refer to this work as being a bug bounty hunter, but t
Publish At:2021-04-20 13:09 | Read:404 | Comments:0 | Tags:Hacking Security world bug bounty facebook Youssef Sammouda

500 Million More Reasons to Talk About Facebook – Intego Mac Podcast Episode 183

Scammers have a new technique for delivering malware: using online contact forms. A couple of browsers are nixing Google’s FLoC ad tracking technology. The FBI has been playing white hat hacker. And e talk about Facebook, and especially the “off-Facebook activity” that tracks you across the internet.Criminals spread malware using website co
Publish At:2021-04-15 07:27 | Read:547 | Comments:0 | Tags:Intego Mac Security Podcast Facebook podcast

Tag Cloud