accelerated-mobile-pages domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121easy-digital-downloads domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121edd_cfm domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121edds domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121edd-recurring domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121edd-recurring domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121Newsmag domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121The post Facebook Sues App Developers for Harvesting Users’ Data Illegally appeared first on CISO MAG | Cyber Security Magazine.
]]>“When people installed those apps on their devices, MobiBurn collected information from the devices and requested data from Facebook, including the person’s name, time zone, email address and gender. MobiBurn did not compromise Facebook, instead they used the malicious SDK on the users’ devices to collect information,” Facebook said in a report.
MobiBurn’s behavior came to light after security researchers reported the incident in a data abuse bounty program. Facebook then took enforcement action by sending a cease-and-desist letter asking MobiBurn to participate in a security audit, to which MobiBurn denied its cooperation.
In the U.S., Facebook Inc. and Instagram LLC sued Nikolay Holper in Federal Court in San Francisco for running a fake service called “Nakrutka” to sell fake likes, views, comments, and followers on Instagram. Facebook claims that Holper used a network of bots and automation software to run his fake engagement services on Instagram.
This is not the first time Facebook took legal action against abusers. Recently, it filed a similar lawsuit against Namecheap, an Arizona-based provider of domain name registrars online, for refusing to cooperate in an investigation to find malicious domains that have been registered through its services. Namecheap impersonated Facebook’s brand name and refused to share details about the owners of the suspicious domains. Security experts at Facebook tracked down 45 suspicious lookalike domains that are registered via Namecheap. It also filed a lawsuit in Virginia against 12 hoax domain names registered by Indian-based proxy service provider Compsys Domain Solutions Private Ltd. The malicious domains spoofed Facebook and its product names to carry out unethical activities.
The post Facebook Sues App Developers for Harvesting Users’ Data Illegally appeared first on CISO MAG | Cyber Security Magazine.
]]>The post Facebook Reports Data Breach, Yet Again! appeared first on CISO MAG | Cyber Security Magazine.
]]>Prior to April 2018, app developers had unrestricted access to group members’ information. But with changes made in Group API posts in April 2018, this has changed. The app developers now only have limited access to group information such as group name, the number of users, and the content in group posts. For additional information, group members are asked specific permissions that can be accepted or denied as per preference.
According to Facebook’s new framework designed on the guidelines of their agreement with the Federal Trade Commission (FTC), Facebook is required to conduct timely and scheduled audits of all its products and services for factors such as data breach, privacy adherence, etc.
Papamiltiadis said, “As part of our ongoing review, we recently found that some apps retained access to group member information, like names and profile pictures in connection with group activity, from the Groups API, for longer than we intended. We have since removed their access. Today we are also reaching out to roughly 100 partners who may have accessed this information since we announced restrictions to the Groups API, although it’s likely that the number (of developers) that did (access) is smaller and decreased over time. We know at least 11 partners accessed group members’ information in the last 60 days. Although we’ve seen no evidence of abuse, we will ask them to delete any member data they may have been retained, and we will conduct audits to confirm that it has been deleted.”
Just a week back, Facebook had agreed to pay £500,000 (around US$ 645,000) penalty imposed by ICO, the U.K.’s data protection watchdog, for a data breach carried out by a political data firm Cambridge Analytica. It gathered user data and used it to potentially change the outcome of 2016 US Presidential Elections and Brexit.
Owing to this, Facebook announced that it is tightening its security for the 2020 U.S. elections. The social media giant stated that it’s taking down accounts involved in illicit activities and stepping up searching state-controlled media trying to manipulate American voters.
The post Facebook Reports Data Breach, Yet Again! appeared first on CISO MAG | Cyber Security Magazine.
]]>