#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Facebook | Breaking Cybersecurity News | The Hacker News

7 Chrome Extensions Spreading Through Facebook Caught Stealing Passwords

7 Chrome Extensions Spreading Through Facebook Caught Stealing Passwords

May 11, 2018
Luring users on social media to visit lookalike version of popular websites that pop-up a legitimate-looking Chrome extension installation window is one of the most common modus operandi of cybercriminals to spread malware. Security researchers are again warning users of a new malware campaign that has been active since at least March this year and has already infected more than 100,000 users worldwide. Dubbed Nigelthorn, the malware is rapidly spreading through socially engineered links on Facebook and infecting victims' systems with malicious browser extensions that steal their social media credentials, install cryptocurrency miners, and engage them in click fraud. The malware was pushed through at least seven different Chrome browser extensions—all were hosted on Google's official Chrome Web Store. These malicious Chrome browser extensions were first discovered by researchers at cybersecurity firm Radware, after a "well-protected network" of one of its custo
Facebook Plans to Build Its Own Chips For Hardware Devices

Facebook Plans to Build Its Own Chips For Hardware Devices

Apr 19, 2018
A new job opening post on Facebook suggests that the social network is forming a team to build its own hardware chips, joining other tech titans like Google, Apple, and Amazon in becoming more self-reliant. According to the post , Facebook is looking for an expert in ASIC and FPGA—two custom silicon designs to help it evaluate, develop and drive next-generation technologies within Facebook—particularly in artificial intelligence and machine learning. The social media company is seeking to hire an expert who can "an end-to-end SoC/ASIC, firmware and driver development organization, including all aspects of front-end and back-end standard cell ASIC development," reads the job listing on Facebook's corporate website. SoC (system-on-a-chip) is a processor typically used in mobile devices with all the components required to power a device, while ASIC (application-specific integrated circuit) is a customized piece of silicon designed for a narrow purpose that companie
How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte
How to Find Out Everything Facebook Knows About You

How to Find Out Everything Facebook Knows About You

Apr 10, 2018
Facebook CEO Mark Zuckerberg will testify before Congress this week to explain how his company collects and handles users' personal information. The past few weeks have been difficult for Facebook over concerns that the data of millions of users has been breached. Facebook stores details of almost every action you have taken and interaction you have engaged in on its platform. What many Facebook users are unaware of, though, is that you can easily download and see all the information Facebook has collected from you in just a few minutes. Here's how to find out what data Facebook has collected over time, including all your past posts, messages, photos, videos and more. Here's how to Download Your Facebook Data: First, sign into Facebook (on a desktop browser, not your mobile). Then, click the drop-down arrow on the top right, and click on "Settings." This will take you to facebook.com/settings, where you will find your "General Account Set
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Facebook Collected Your Android Call History and SMS Data For Years

Facebook Collected Your Android Call History and SMS Data For Years

Mar 25, 2018
Facebook knows a lot about you, your likes and dislikes—it's no surprise. But do you know, if you have installed Facebook Messenger app on your Android device, there are chances that the company had been collecting your contacts, SMS, and call history data at least until late last year. A tweet from Dylan McKay, a New Zealand-based programmer, which received more than 38,000 retweets (at the time of writing), showed how he found his year-old data—including complete logs of incoming and outgoing calls and SMS messages—in an archive he downloaded (as a ZIP file) from Facebook. Facebook was collecting this data on its users from last few years, which was even reported earlier in media, but the story did not get much attention at that time. Since Facebook had been embroiled into controversies over its data sharing practices after the Cambridge Analytica scandal last week, tweets from McKay went viral and has now fueled the never-ending privacy debate. A Facebook spokespe
Facebook and Cambridge Analytica – What's Happened So Far

Facebook and Cambridge Analytica – What's Happened So Far

Mar 23, 2018
Top Story— Facebook has just lost over $60 billion in market value over the past two days—that's more than Tesla's entire market capitalisation and almost three times that of Snapchat. Facebook shares plunge over revelations that personal data of 50 million users was obtained and misused by British data analytics firm ' Cambridge Analytica ,' who reportedly helped Donald Trump win the US presidency in 2016. The privacy scandal that rocked the social media giant was revealed earlier this week when Chris Wylie , the 28-year-old data scientist who worked with a Cambridge University academic, turned into a whistleblower and leaked to the newspapers how poorly Facebook handles people's private information. Wylie claims Cambridge Analytica created " Steve Bannon's psychological warfare mindf**k tool " that profiles citizens to predict their voting patterns based on the personal information gathered from a variety of sources and then helps political
Android P Will Block Background Apps from Accessing Your Camera, Microphone

Android P Will Block Background Apps from Accessing Your Camera, Microphone

Feb 26, 2018
Yes, your smartphone is spying on you. But, the real question is, should you care? We have published thousands of articles on The Hacker News, warning how any mobile app can turn your smartphone into a bugging device—' Facebook is listening to your conversations', ' Stealing Passwords Using SmartPhone Sensors', 'Your Headphones Can Spy On You' and 'Android Malware Found Spying Military Personnel' to name a few. All these stories have different objectives and targets but have one thing in common, i.e., apps running in the background covertly abuse ' permissions ' without notifying users. Installing a single malicious app unknowingly could allow remote attackers to covertly record audio, video, and taking photos in the background. But, not anymore! In a boost to user privacy, the next version of Google's mobile operating system, Android P, will apparently block apps idling in the background from accessing your smartphone's camera a
Facebook slapped with $1.43 million fine for violating users' privacy in Spain

Facebook slapped with $1.43 million fine for violating users' privacy in Spain

Sep 11, 2017
Facebook is once again in trouble regarding its users' privacy. The social media giant has recently been heavily fined once again for a series of privacy violations in Spain. Recently, Google also incurred a record-breaking fine of $2.7 billion (€2.42 billion) by the European antitrust officials for unfairly manipulating search results since at least 2008. Now, the Spanish Data Protection Agency (AEPD) has issued a €1.2 Million (nearly $1.4 Million) fine against Facebook for breaching laws designed to protect its people's information and confidentiality. According to the data protection watchdog, the social network collects its users' personal data without their 'unequivocal consent' and makes the profit by sharing the data with advertisers and marketers. The AEPD also found Facebook collects sensitive data on user's ideology, religious beliefs, sex and personal tastes and navigation—either directly from its own services or through third parties—w
Facebook Covertly Launches A Photo-Sharing App In China

Facebook Covertly Launches A Photo-Sharing App In China

Aug 14, 2017
The Chinese market is no doubt a pot of gold for big technology giants with over 700 million internet users, but the Chinese government heavily controls the Internet within its borders through its Golden Shield project – the Great Firewall of China . The Great Firewall has blocked some 171 out of the world's leading websites, including Google, Facebook, Instagram, Twitter, Tumblr, Dropbox, and The Pirate Bay in the country. But tech giants like Facebook and Google always try alternative ways to infiltrate the market. Now it seems like Facebook is trying to secretly enter the largest populous market by releasing an all new social networking app in China that does not carry its brand. Dubbed Colorful Balloons , the photo-sharing app appears to mimic the look and feel of Facebook's Moments, an app that allows its users to share photos with their friends and family members. According to The New York Times, Facebook approved the release of Colorful Balloons back in M
Facebook Bug Declares Millions of Users Dead, Including Zuckerberg!

Facebook Bug Declares Millions of Users Dead, Including Zuckerberg!

Nov 12, 2016
Last night, Facebook declared everyone dead, including the company's CEO Mark Zuckerberg, in a massive memorial 'remembering' profile glitch. Well, that's awkward. Despite being very much alive, Facebook users, when logged on to their accounts on Friday afternoon, found their accounts turned to a " memorialized account ," strongly suggesting that they are dead to everyone who visits their profile. A statement on Mark Zuckerberg's profile read: "We hope people who love Mark will find comfort in the things others share to remember and celebrate his life." When the message appeared, thousands of users shaken by the incident complained on Twitter about their premature digital deaths, offering their proof-of-life so that their concerned relatives could calm themselves down. This weird glitch was first spotted by Business Insider when several of its employees saw the message at the top of their Facebook profiles on Friday. When reached
Facebook agrees to Stop using UK Users' WhatsApp Data for Targeted Ads

Facebook agrees to Stop using UK Users' WhatsApp Data for Targeted Ads

Nov 08, 2016
In August, Facebook introduced a hugely controversial data sharing plan to start harvesting data from its WhatsApp messaging app from September 25 for delivering more relevant ads on the social network. Many users were not happy with the move, because there was no real way of opting out from the data sharing – WhatsApp users could only do so within a short period – and even if users did opt out then, some data would still be shared. Eventually, some countries like Britain stood up and opposed the decision. The Information Commissioner's Office (ICO) of the United Kingdom has asked Facebook and WhatsApp to better explain the changes to its customers in the U.K. And if they don't, the ICO could hand out a heavy fine. What's the good news? In response, the social media giant has agreed to "pause" sharing of data, including their phone numbers, between WhatsApp and Facebook in Britain to target advertisements on its core social network. "We have
Facebook, Twitter and Instagram Share Data with Location-based Social Media Surveillance Startup

Facebook, Twitter and Instagram Share Data with Location-based Social Media Surveillance Startup

Oct 12, 2016
Facebook, Instagram, Twitter, VK, Google's Picasa and Youtube were handing over user data access to a Chicago-based Startup — the developer of a social media monitoring tool — which then sold this data to law enforcement agencies for surveillance purposes, the ACLU disclosed Tuesday. Government records obtained by the American Civil Liberties Union (ACLU) revealed that the big technology corporations gave "special access" to Geofeedia. Geofeedia is a controversial social media monitoring tool that pulls social media feeds via APIs and other means of access and then makes it searchable and accessible to its clients, who can search by location or keyword to quickly find recently posted and publicly available contents. The company has marketed its services to 500 law enforcement and public safety agencies as a tool to track racial protests in Ferguson, Missouri, involving the 2014 police shooting death of Mike Brown. With the help of a public records request, the
How to Start Secret Conversations on Facebook Messenger

How to Start Secret Conversations on Facebook Messenger

Oct 06, 2016
If you are looking for ways to start a secret conversation on Facebook Messenger with your friends, then you are at the right place. In this article, I am going to tell you about Facebook Messenger's new end-to-end encrypted chat feature, dubbed " Secret Conversations ," but before that, know why do you need your chats to be end-to-end encrypted? Your online privacy is under threat not only from online marketers and hackers but also from governments. Just yesterday, it was revealed that Yahoo secretly built hacking tool to scan all of its customers' incoming emails for US intelligence officials. So, to hide your personal life online from prying eyes, you need end-to-end encryption that allows you to send and receive messages in a way that no one, including the feds with a warrant, hackers and not even the company itself, can intercept or read them. Last year, WhatsApp became the largest end-to-end encrypted messaging network in history by rolling out anoth
Facebook releases Osquery Security Tool for Windows

Facebook releases Osquery Security Tool for Windows

Sep 27, 2016
OSquery , an open-source framework created by Facebook that allows organizations to look for potential malware or malicious activity on their networks, was available for Mac OS X and Linux environments until today. But now the social network has announced that the company has developed a Windows version of its osquery tool , too. When Facebook engineers want to monitor thousands of Apple Mac laptops across their organization, they use their own untraditional security tool called OSquery. OSquery is a smart piece of cross-platform software that scans every single computer on an infrastructure and catalogs every aspect of it. Then SQL-based queries allow developers and security teams to monitor low-level functions in real-time and quickly search for malicious behavior and vulnerable applications on their infrastructure. In simple words, OSquery allows an organization to treat its infrastructure as a database, turning OS information into a format that can be queried using SQL
Germany Bans Facebook From Collecting WhatsApp Data

Germany Bans Facebook From Collecting WhatsApp Data

Sep 27, 2016
Just last month, the most popular messaging app WhatsApp updated its privacy policy and T&Cs to start sharing its user data with its parent company, and now both the companies are in trouble, at least in Germany and India. Both Facebook, as well as WhatsApp, have been told to immediately stop collecting and storing data on roughly 35 Million WhatsApp users in Germany. The Hamburg Commissioner for Data Protection and Freedom of Information Johannes Caspar even ordered Facebook on Tuesday to delete all data that has already been forwarded to WhatsApp since August. Also in India, the Delhi High Court on September 23 ordered WhatsApp to delete all users' data from its servers up until September 25 when the company's new privacy policy came into effect. When Facebook first acquired WhatsApp for $19 billion in cash in 2014, WhatsApp made a promise that its users' data would not be shared between both companies. But now apparently this has changed, which, according to Caspa
Hacker reveals How He Could have Hacked Multiple Facebook Accounts

Hacker reveals How He Could have Hacked Multiple Facebook Accounts

Aug 27, 2016
How to Hack a Facebook Account? That's possibly the most frequently asked question on the Internet today. Though the solution is hard to find, a white hat hacker has just proven how easy it is to hack multiple Facebook accounts with some basic computer skills. Your Facebook account can be hacked, no matter how strong your password is or how much extra security measures you have taken. No joke! Gurkirat Singh from California recently discovered a loophole in Facebook's password reset mechanism that could have given hackers complete access to the victim's Facebook account, allowing them to view message conversations and payment card details, post anything and do whatever the real account holder can. The attack vector is simple, though the execution is quite difficult. The issue, Gurkirat ( @GurkiratSpeca ) says, actually resides in the way Facebook allows you to reset your password. The social network uses an algorithm that generates a random 6-digit passcode ‒
WhatsApp to Share Your Data with Facebook — You have 30 Days to Stop It

WhatsApp to Share Your Data with Facebook — You have 30 Days to Stop It

Aug 25, 2016
Nothing comes for Free, as "Free" is just a relative term used by companies to develop a strong user base and then use it for their own benefits. The same has been done by the secure messaging app WhatsApp, which has now made it crystal clear that the popular messaging service will begin sharing its users' data with its parent company, Facebook. However, WhatsApp is offering a partial opt-out for Facebook targeted ads and product related purposes, which I will let you know later in this article, but completely opting out of the data-sharing does not seem to be possible. Let's know what the company has decided to do with your data. Of course, Facebook is willing to use your data to sell more targeted advertisements. WhatsApp introduced some significant changes to its privacy policy and T&Cs today which, if accepted once, gives it permission to connect users' Facebook accounts to WhatsApp accounts for the first time, giving Facebook more data about us
Facebook to Launch Commercial Express Wi-Fi Service In India

Facebook to Launch Commercial Express Wi-Fi Service In India

Aug 08, 2016
After the failure of Facebook's Free Basics -- an initiative to provide free Internet access -- in India due to the violation of Net Neutrality principles, Facebook has reintroduced its plan to provide Internet access in rural India, but this time: The social networking giant is planning to launch a commercial WiFi service in India. Facebook is testing a WiFi service in rural India, allowing people with no internet connection to buy affordable data packages from their local internet service providers (ISPs) in order to access the Internet via local hotspots. Dubbed Express Wi-Fi , the program is in sync with Mark Zuckerberg's Internet.org -- the platform Facebook used for its Free Basics to bring the Internet to all. India banned Free Basics in the country on net neutrality grounds. Net Neutrality advocates argued that by offering some websites and services for free, people are discouraged from visiting other sites. Now, Facebook has partnered with state-owned
I'm Warning You, Don't Read this Article. It's a Federal Crime!

I'm Warning You, Don't Read this Article. It's a Federal Crime!

Jul 14, 2016
Yes, you heard it right. If I tell you not to visit my website, but you still visit it knowing you are disapproved, you are committing a federal crime, and I have the authority to sue you. Wait! I haven't disapproved you yet. Rather I'm making you aware of a new court decision that may trouble you and could have big implications going forward. The United States Court of Appeals for the Ninth Circuit has taken a critical decision on the Computer Fraud and Abuse Act (CFAA): Companies can seek civil and criminal penalties against people who access or visit their websites without their permission. Even Sharing Password is also a Federal Crime... Yes, a similar weird decision was taken last week when the Ninth Circuit Court of Appeals ruled that sharing passwords can be a violation of the CFAA, making Millions of people who share their passwords "unwitting federal criminals." Now, you might be wondering how visiting a publically open website could be a crime. We
Cybersecurity Resources