#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

social networking sites | Breaking Cybersecurity News | The Hacker News

Category — social networking sites
Google+ to Shut Down Early After New API Flaw Hits 52.5 Million Users

Google+ to Shut Down Early After New API Flaw Hits 52.5 Million Users

Dec 10, 2018
Google today revealed that Google+ has suffered another massive data breach, forcing the tech giant to shut down its struggling social network four months earlier than its actual scheduled date, i.e., in April 2019 instead of August 2019. Google said it discovered another critical security vulnerability in one of Google+'s People APIs that could have allowed developers to steal private information on 52.5 million users, including their name, email address, occupation, and age. The vulnerable API in question is called "People: get" that has been designed to let developers request basic information associated with a user profile. However, software update in November introduced the bug in the Google+ People API that allowed apps to view users' information even if a user profile was set to not-public. Google engineers discovered the security issue during standard testing procedures and addressed it within a week of the issue being introduced. The company said
Google+ is Shutting Down After a Vulnerability Exposed 500,000 Users' Data

Google+ is Shutting Down After a Vulnerability Exposed 500,000 Users' Data

Oct 08, 2018
Google is going to shut down its social media network Google+ after the company suffered a massive data breach that exposed the private data of hundreds of thousands of Google Plus users to third-party developers. According to the tech giant, a security vulnerability in one of Google+'s People APIs allowed third-party developers to access data for more than 500,000 users, including their usernames, email addresses, occupation, date of birth, profile photos, and gender-related information. Since Google+ servers do not keep API logs for more than two weeks, the company cannot confirm the number of users impacted by the vulnerability. However, Google assured its users that the company found no evidence that any developer was aware of this bug, or that the profile data was misused by any of the 438 developers that could have had access. "However, we ran a detailed analysis over the two weeks prior to patching the bug, and from that analysis, the Profiles of up to 500,00
Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

Sep 10, 2024SaaS Security / Risk Management
Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these applications may be legitimate, they operate within the blind spots of the corporate security team and expose the company to attackers.  Shadow apps may include instances of software that the company is already using. For example, a dev team may onboard their own instance of GitHub to keep their work separate from other developers. They might justify the purchase by noting that GitHub is an approved application, as it is already in use by other teams. However, since the new instance is used outside of the security team's view, it lacks governance. It may store sensitive corporate data and not have essential protections like MFA enabled, SSO enforced, or it could suffer from weak access controls. These misconfigurations can easily lead to risks like stolen source code and other issues. Types of Shadow Apps  Shadow apps can be categorized based on their interac
This App Lets You Find Anyone's Social Profile Just By Taking Their Photo

This App Lets You Find Anyone's Social Profile Just By Taking Their Photo

May 18, 2016
Is Google or Facebook evil? Forget it! Russian nerds have developed a new Face Recognition technology based app called FindFace , which is a nightmare for privacy lovers and human right advocates. FindFace is a terrifyingly powerful facial recognition app that lets you photograph strangers in a crowd and find their real identity by connecting them to their social media accounts with 70% success rate, putting public anonymity at risk. The FindFace app was launched two months ago on Google Play and Apple's App Store and currently has 500,000 registered users and processed nearly 3 Million searches, according to its co-founders, 26-year-old Artem Kukharenko, and 29-year-old Alexander Kabakov. According to The Guardian , FindFace uses image recognition technology to compare faces against profile pictures on Vkontakte, a very popular social networking site in Russia that has over 200 Million users. Besides showing the social media account of the one you are searching for, FindF
cyber security

DevOps Security Best Practices

websiteWizDevOps / Secure Coding
Develop securely from code to cloud with this DevOps Security Cheat Sheet from Wiz. Take a deep dive into secure coding, infrastructure security, and vigilant monitoring and response.
Dear Internet, Today is 'The Day We Fight Back', Biggest protest against NSA Surveillance

Dear Internet, Today is 'The Day We Fight Back', Biggest protest against NSA Surveillance

Feb 11, 2014
The US Government has allotted a large share of its ' Black Budget ' for secret military research and weapons programs, along with surveillance programs, that is harvesting hundreds of millions of Metadata from emails, web activity, chats, social networks, and everything else around the world. To make this happen, NSA has used a number of unethical ways, but labeled as legal solutions.  Today, on February 11th, we all unite to fight against the Government intrusion on the privacy of innocent people worldwide, under one banner of ' The Day We Fight Back ', along with other 7000 websites by hosting a large banner at the bottom of the websites; reading " Dear Internet, we're standing with 300+ nonprofits worldwide in demanding an end to mass, suspicionless surveillance ", asking people of the world to vote against proposed NSA reforms that the American Civil Liberties Union has labeled " Bad for Privacy ". The Banner, you can see at the bottom of this page, e
U.S. Department of Defense Officials are potential target of cyber espionage via social networking sites

U.S. Department of Defense Officials are potential target of cyber espionage via social networking sites

May 16, 2013
In the recent months I had the opportunity to conduct an interesting study on the use of Social Media in the Military Sector, large diffusion of media platforms makes them very attractive for governments and intelligence agencies . Social media platforms reveal enormous potentiality that could be exploited also in critical sectors such as military and defense. Modern social media networks are actively used by every government, the US, China and Russia are the most active in this field, but also emerging cyber countries like Iran and North Korea demonstrates an increasing interest in the matter. The principal uses of social media for government are Psychological Operations (PsyOps) OSInt Cyber espionage Offensive purposes On May 10th the Illinois Air National Guard 183rd Fighter Wing published a notice in the monthly issue of a newsletter titled Falcon View. The notice, that seems to be authentic, dedicates a paragraph to the use of social networking sites for
Expert Insights / Articles Videos
Cybersecurity Resources