β Facebook: turn off SMS 2FA if you donβt want your number used for ads β
π Read
via "Naked Security".
Facebook has been adding phone numbers registered for 2FA to the other data it uses to target people with advertising.π Read
via "Naked Security".
Naked Security
You gave your number to Facebook for security and it used it for ads
Facebook has been adding phone numbers registered for 2FA to the other data it uses to target people with advertising.
ATENTIONβΌ New - CVE-2015-9268
π Read
via "National Vulnerability Database".
Nullsoft Scriptable Install System (NSIS) before 2.49 has unsafe implicit linking against Version.dll. In other words, there is no protection mechanism in which a wrapper function resolves the dependency at an appropriate time during runtime.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2015-9267
π Read
via "National Vulnerability Database".
Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse program.π Read
via "National Vulnerability Database".
β 50 Million Facebook Accounts Hacked β Time to act before itβs too late! β
π Read
via "Quick Heal Blog | Latest computer security news, tips, and advice".
Estimated reading time: 2 minutesThe afternoon of September 28th 2018 brought in a wave of shock for 50 million Facebook users, when they found themselves logged out of Facebook!! In one of the worst data breach attacks in the history of Facebook, over 90 million users on Friday afternoon, were forced to log out and login back to their accounts. The step was initiated as a precautionary measure by Facebook to reset the access tokens for over 90 million of its users, as hackers managed to exploit a vulnerability in Facebook coding. For this social media giant, its βView Asβ feature proved extremely vulnerable, as hackers managed to log into Facebook accounts of other people, by stealing access tokens. The View As feature was basically meant to allow users to see how their profiles appear for other users. Upon learning about this exploit, Facebook immediately reset the access tokens of more than 50 million of its registered accounts. So, while the whole world is busy browsing the internet for answers to HOW and WHY this data breach happened, itβs better to spare sometime to read about immediate actions you can take, to prevent your own data from getting breached: #1 Reset Your Password In case your account was one amongst the 50 million Facebook accounts that got hacked on Friday and the hacker managed to change your password, DO NOT PANIC! You can still try your best to regain access to your account by clicking on βForgot your password?β option under your Facebook login. Start by finding your account by entering the primary or secondary email address, you had used for registering with Facebook. Once you are successful in finding your account, you can easily choose to Reset Your Password. However, this process of password recovery holds true, only if you continue to have access to those email addresses. Just in case, you no more access those email ids but would like to reset your password, you can always use the βNo longer have access to these?β link, in which case, facebook will ask you for an alternate option to verify your identity. #2 Change Your Password Immediately Even if you were lucky enough to not have your account compromised, as a precautionary measure itβs better to change your password before itβs too late. All you need to do is to click on Security and Login under Settings and scroll down to Login > Change password. Try to choose a stronger password this time and something that is unique only for your Facebook account. Once you have reset your account with a new password, it is advisable to log out of all sessions, provided the fact that your security settings and contact details are up to date. #3 Check Passwords of Other Accounts Registering with Facebook requires you to enter an email ID and often times, you tend to use the same login details for logging into Facebook as well. Thus, while you reset/change the password of your Facebook account, it is a good move to change the password of other accounts also that have the same login details. #4 Check Your Privacy & Security Settings Here are few steps you can take to improve your privacy and security on Facebook: Update contact details, mobile numbers and email addresses under General Limit the visibility of your posts by selecting a comfortable Privacy setting and allow only friends to see your posts. Boost up your security measures by opting for notifications for unrecognized logins and select only couple of trusted friends for recovery of account, in case your account gets locked out. The post 50 Million Facebook Accounts Hacked β Time to act before itβs too late! appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.π Read
via "Quick Heal Blog | Latest computer security news, tips, and advice".
Quick Heal Blog | Latest computer security news, tips, and advice
50 Million Facebook Accounts Hacked β Time to act before itβs too late!
The afternoon of September 28th 2018 brought in a wave of shock for 50 million Facebook users, when they found themselves logged out of Facebook!! In one of the worst data breach attacks in the history of Facebook, over 90 million users on Friday afternoonβ¦
β Dark Web Azorult Generator Offers Free Binaries to Cybercrooks β
π Read
via "The first stop for security news | Threatpost ".
The Gazorp online builder makes it easy to start stealing passwords, credit-card information, cryptocurrency wallet data and more.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Dark Web Azorult Generator Offers Free Binaries to Cybercrooks
The Gazorp online builder makes it easy to start stealing passwords, credit-card information, cryptocurrency wallet data and more.
π΄ Exclusive: Cisco, Duo Execs Share Plans for the Future π΄
π Read
via "Dark Reading: ".
Cisco's Gee Rittenhouse and Duo's Dug Song offer ideas and goals for the merged companies as Duo folds under the Cisco umbrella.π Read
via "Dark Reading: ".
Dark Reading
Exclusive: Cisco, Duo Execs Share Plans for the Future
Cisco's Gee Rittenhouse and Duo's Dug Song offer ideas and goals for the merged companies as Duo folds under the Cisco umbrella.
π 5 signs that blockchain will hit wide enterprise adoption soon π
π Read
via "Security on TechRepublic".
Blockchain has the potential to enable new business models and reshape industries, but many enterprises are struggling to implement the technology, according to Deloitte.π Read
via "Security on TechRepublic".
TechRepublic
5 signs that blockchain will hit wide enterprise adoption soon
Blockchain has the potential to enable new business models and reshape industries, but many enterprises are struggling to implement the technology, according to Deloitte.
π Why nearly 50% of organizations are failing at password security π
π Read
via "Security on TechRepublic".
Employees are sharing an average of six passwords with their coworkers, according to the LastPass 2018 Global Password Security Report.π Read
via "Security on TechRepublic".
TechRepublic
Why nearly 50% of organizations are failing at password security
Employees are sharing an average of six passwords with their coworkers, according to the LastPass 2018 Global Password Security Report.
π΄ The Right Diagnosis: A Cybersecurity Perspective π΄
π Read
via "Dark Reading: ".
A healthy body and a healthy security organization have a lot more in common than most people think.π Read
via "Dark Reading: ".
Darkreading
The Right Diagnosis: A Cybersecurity Perspective
A healthy body and a healthy security organization have a lot more in common than most people think.
β How to have that difficult βstay safe onlineβ conversation with your kids β
π Read
via "Naked Security".
As your children start using the internet with greater independence, help keep them - and their data - safe with these simple tips.π Read
via "Naked Security".
Naked Security
How to have that difficult βstay safe onlineβ conversation with your kids
As your children start using the internet with greater independence, help keep them β and their data β safe with these simple tips.
π Despite digital growth, 25% of SMBs still track finances on paper π
π Read
via "Security on TechRepublic".
Companies are putting their finances and security at risk by not using digital-based tracking, according to a Clutch report.π Read
via "Security on TechRepublic".
TechRepublic
Despite digital growth, 25% of SMBs still track finances on paper
Companies are putting their finances and security at risk by not using digital-based tracking, according to a Clutch report.
π΄ Employees Share Average of 6 Passwords With Co-Workers π΄
π Read
via "Dark Reading: ".
Password-sharing and reuse is still prominent, but mulit-factor authentication is on the rise, new study shows.π Read
via "Dark Reading: ".
Dark Reading
Employees Share Average of 6 Passwords With Co-Workers
Password-sharing and reuse is still prominent, but mulit-factor authentication is on the rise, new study shows.
π΄ California Enacts First-in-Nation IoT Security Law π΄
π Read
via "Dark Reading: ".
The new law requires some form of authentication for most connected devices.π Read
via "Dark Reading: ".
Dark Reading
California Enacts First-in-Nation IoT Security Law
The new law requires some form of authentication for most connected devices.
β California, U.S. Government Battle Over Net Neutrality State Law β
π Read
via "The first stop for security news | Threatpost ".
The Department of Justice has filed a lawsuit after SB 822 was passed, enforcing net neutrality laws, on Sunday.π Read
via "The first stop for security news | Threatpost ".
Threat Post
California, U.S. Government Battle Over Net Neutrality State Law
The Department of Justice has filed a lawsuit after SB 822 was passed, enforcing net neutrality laws, on Sunday.
π Top 5 things to know about voting and the blockchain π
π Read
via "Security on TechRepublic".
From security to anonymity, here are the top 5 things you should know about blockchain and voting.π Read
via "Security on TechRepublic".
TechRepublic
Top 5 things to know about voting and the blockchain
From security to anonymity, here are the top 5 things you should know about blockchain and voting.
β Nine NAS Bugs Open LenovoEMC, Iomega Devices to Attack β
π Read
via "The first stop for security news | Threatpost ".
Rated as high-risk vulnerabilities, these privilege-escalation flaws could allow an unauthenticated attacker to access protected content.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Nine NAS Bugs Open LenovoEMC, Iomega Devices to Attack
Rated as high-risk vulnerabilities, these privilege-escalation flaws could allow an unauthenticated attacker to access protected content.
π΄ October Events at Dark Reading You Can't Miss π΄
π Read
via "Dark Reading: ".
Cybersecurity Month at Dark Reading is packed with educational webinars, from data breach response to small business security.π Read
via "Dark Reading: ".
Darkreading
October Events at Dark Reading You Can't Miss
Cybersecurity Month at Dark Reading is packed with educational webinars, from data breach response to small business security.
β Adobe Patches 47 Critical Flaws in Acrobat and DC β
π Read
via "The first stop for security news | Threatpost ".
The update includes a security bypass bug that enables privilege escalation.π Read
via "The first stop for security news | Threatpost ".
Threat Post
Adobe Patches 47 Critical Flaws in Acrobat and DC
The update includes a security bypass bug that enables privilege escalation.
π΄ 'Short, Brutal Lives': Life Expectancy for Malicious Domains π΄
π Read
via "Dark Reading: ".
Using a cooling-off period for domain names can help catch those registered by known bad actors.π Read
via "Dark Reading: ".
Darkreading
'Short, Brutal Lives': Life Expectancy for Malicious Domains
Using a cooling-off period for domain names can help catch those registered by known bad actors.
π΄ 'Short, Brutal Lives': Life Expectancy for Malicious Domains π΄
π Read
via "Dark Reading: ".
Using a cooling-off period for domain names can help catch those registered by known bad actors.π Read
via "Dark Reading: ".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
ATENTIONβΌ New - CVE-2015-9270
π Read
via "National Vulnerability Database".
XSS exists in the the-holiday-calendar plugin before 1.11.3 for WordPress via the thc-month parameter.π Read
via "National Vulnerability Database".