social networking sites | Breaking Cybersecurity News | The Hacker News

Google today revealed that Google+ has suffered another massive data breach, forcing the tech giant to shut down its struggling social network four months earlier than its actual scheduled date, i.e., in April 2019 instead of August 2019. Google said it discovered another critical security vulnerability in one of Google+'s People APIs that could have allowed developers to steal private information on 52.5 million users, including their name, email address, occupation, and age. The vulnerable API in question is called "People: get" that has been designed to let developers request basic information associated with a user profile. However, software update in November introduced the bug in the Google+ People API that allowed apps to view users' information even if a user profile was set to not-public. Google engineers discovered the security issue during standard testing procedures and addressed it within a week of the issue being introduced. The company said

Google is going to shut down its social media network Google+ after the company suffered a massive data breach that exposed the private data of hundreds of thousands of Google Plus users to third-party developers. According to the tech giant, a security vulnerability in one of Google+'s People APIs allowed third-party developers to access data for more than 500,000 users, including their usernames, email addresses, occupation, date of birth, profile photos, and gender-related information. Since Google+ servers do not keep API logs for more than two weeks, the company cannot confirm the number of users impacted by the vulnerability. However, Google assured its users that the company found no evidence that any developer was aware of this bug, or that the profile data was misused by any of the 438 developers that could have had access. "However, we ran a detailed analysis over the two weeks prior to patching the bug, and from that analysis, the Profiles of up to 500,00

As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success" , which covers all the phases entailed in launching a successful vCISO engagement, along with recommended actions to take, and step-by-step examples.  Following the success of the playbook and the requests that have come in from the MSP/MSSP community, we decided to drill down into specific parts of vCISO reporting and provide more color and examples. In this article, we focus on how to create compelling narratives within a report, which has a significant impact on the overall MSP/MSSP value proposition.  This article brings the highlights of a recent guided workshop we held, covering what makes a successful report and how it can be used to enhance engagement with your cyber security clients.

Is Google or Facebook evil? Forget it! Russian nerds have developed a new Face Recognition technology based app called FindFace , which is a nightmare for privacy lovers and human right advocates. FindFace is a terrifyingly powerful facial recognition app that lets you photograph strangers in a crowd and find their real identity by connecting them to their social media accounts with 70% success rate, putting public anonymity at risk. The FindFace app was launched two months ago on Google Play and Apple's App Store and currently has 500,000 registered users and processed nearly 3 Million searches, according to its co-founders, 26-year-old Artem Kukharenko, and 29-year-old Alexander Kabakov. According to The Guardian , FindFace uses image recognition technology to compare faces against profile pictures on Vkontakte, a very popular social networking site in Russia that has over 200 Million users. Besides showing the social media account of the one you are searching for, FindF

The US Government has allotted a large share of its ' Black Budget ' for secret military research and weapons programs, along with surveillance programs, that is harvesting hundreds of millions of Metadata from emails, web activity, chats, social networks, and everything else around the world. To make this happen, NSA has used a number of unethical ways, but labeled as legal solutions.  Today, on February 11th, we all unite to fight against the Government intrusion on the privacy of innocent people worldwide, under one banner of ' The Day We Fight Back ', along with other 7000 websites by hosting a large banner at the bottom of the websites; reading " Dear Internet, we're standing with 300+ nonprofits worldwide in demanding an end to mass, suspicionless surveillance ", asking people of the world to vote against proposed NSA reforms that the American Civil Liberties Union has labeled " Bad for Privacy ". The Banner, you can see at the bottom of this page, e

In the recent months I had the opportunity to conduct an interesting study on the use of Social Media in the Military Sector, large diffusion of media platforms makes them very attractive for governments and intelligence agencies . Social media platforms reveal enormous potentiality that could be exploited also in critical sectors such as military and defense. Modern social media networks are actively used by every government, the US, China and Russia are the most active in this field, but also emerging cyber countries like Iran and North Korea demonstrates an increasing interest in the matter. The principal uses of social media for government are Psychological Operations (PsyOps) OSInt Cyber espionage Offensive purposes On May 10th the Illinois Air National Guard 183rd Fighter Wing published a notice in the monthly issue of a newsletter titled Falcon View. The notice, that seems to be authentic, dedicates a paragraph to the use of social networking sites for