Facebook announced that its ThreatExchange information-sharing platform is closing in on 100 participants and has streamlined its application process.
Tag Archives: Facebook
Facebook Awards $100,000 for New Class of Vulnerabilities and Detection Tool
Facebook doubles the payout of its Internet Defense Prize with a $100,000 award to a team of Georgia Tech researchers for a new class of browser-based memory-corruption vulnerabilities and a corresponding detection technique.
Facebook data security loophole ‘needs to be fixed’
A data security loophole discovered in Facebook needs to be fixed, according to a software engineer.
The post Facebook data security loophole ‘needs to be fixed’ appeared first on We Live Security.
Introducing the new Facebook Security Checkup
Earlier in August, the world’s largest social networking site, Facebook, unveiled their new Security Checkup feature.
The aim is to create a series of simple tools that help users control which devices are logged into Facebook, receive alerts when new devices log in and tips on creating a strong password.
Let’s take a look in more detail:
Log out of unused apps:
If you have multiple devices linked to your Facebook account, you may be surprised to see just how many apps have access to your account. Closely monitoring which apps have access to your account is a great way to help protect your account security and the privacy of your personal information.
It’s worth remembering that apps that have access to your Facebook account also have access to a lot of your personal information. Be selective about which apps you allow.
Login Alerts:
Setting up login alerts is a great way to help you manage access to your Facebook account. Used in conjunction with other security features such as Two-Factor Authentication, login alerts make it very difficult for any unauthorized party to gain access to your account. I’d highly recommend implementing both this and Facebook’s Login Approvals.
Password strength tips:
The final tool in the Security Checkup is some advice both for creating a strong password and also password safety advice.
The advice recommends using a password unique to Facebook, never sharing your password and avoiding dictionary or identifying words.
Your password is one of the most important parts of keeping all your online accounts safe, for more information on creating a strong, unique password that’s easy to remember, check out this infographic below.
The world’s biggest bug bounty payouts
From finding flaws to suggesting innovative security measures for the future, we look at some of the biggest bug bounty payouts in recent years.
The post The world’s biggest bug bounty payouts appeared first on We Live Security.
Facebook Security Checkup feature now available
Facebook has made a new feature called Security Checkup generally available after testing on an invite-only group, according to SoftPedia.
The post Facebook Security Checkup feature now available appeared first on We Live Security.
Facebook Hires Ex-Yahoo CISO Alex Stamos
Facebook has hired away the top security executive at Yahoo, Alex Stamos, to become the company’s new CSO. Stamos said Wednesday that he is joining Facebook because he believes the company is in the best position to address some of the large security challenges facing users and companies right now. “There is no company in […]
Spiceworks application vulnerability disclosed
A serious flaw has been discovered in the Spiceworks application, which creates an admin account for anyone logging in using their Facebook or LinkedIn details.
The post Spiceworks application vulnerability disclosed appeared first on We Live Security.
Vacation scams can ruin your holiday
Do you dream of lounging with an umbrella drink on a sunny beach, hiking by a pristine lake in the cool mountains, or leisurely strolling through a world class museum? As you begin to make summer vacation plans, much of it planned and reserved via the Internet, here are a few scams to be aware of:
Fake vacation rentals
Private vacation rentals are growing in popularity and it’s easy to find one these days through portals like Airbnb, HomeAway, and Craigslist. A typical scam starts with attractive pictures of a property in a desired location. The phony landlord, who is really a scam artist, requires an up-front deposit on the rental that is typically sent by wire transfer. When the happy family arrives at the destination, it either doesn’t exist, it’s not at all like it was described, or it is not available for rental. It may even belong to someone else, who lives there and has no knowledge of the transaction.
How to protect yourself from vacation rental scams
Don’t be fooled by pretty pictures. Photoshop is amazing and an artist can do all kinds of tricks with it. Ask the property owner to send you additional photos. You can even look it up on Google’s Street View to make sure the property and address actually exists.
Use your credit card instead of cash to make any deposits. Cybercrooks prefer cash, so protect yourself by using your credit card. If you get in a jam, Visa, MasterCard, and American Express can help you recover money lost to fraud.
Fake vacation packages
“You’ve won a dream cruise to Bingo-Bongo Island!” A message like this may come to you via email or you may get a phone call from a hard-selling travel operator. Similar to the fake vacation rental, you are required to pay a deposit for your luxurious resort or cruise. When you arrive, you find out that the package was misrepresented and there are additional fees to be paid to get the “great deal.”
How to protect yourself from vacation package scams
Legitimate offers give you their cancellation and refund policy, along with details of the location of the vacation, the name of the cruise line or resort, the length of time you will be there, and contact information.
Get a confirmation or booking number from the cruise line, hotel, or airlines rather than the travel agency confirmation number. If the cruise line is not on your credit card statement, that is a warning flag.
Free airfare scams
Airfare is a big chunk of your vacation costs, so receiving a discount is welcome. But victims of airfare scams often find that after they pay they do not receive a confirmation or that their credit card has been declined. The only way to get the discount is to pay by wire transfer, which leaves the victim without a ticket and no way to claim a refund.
Social media scams, like this Southwest Airlines scam that has been going around Facebook for a few years, lure prospective travelers to malicious websites with sweepstakes offering free airline tickets. Victims are asked to complete online surveys which reveal personal information, and agree to hidden offers in the fine print of the contest. They are encouraged to share the scam which then gets sent to all their Facebook friends. This type of scam has been known to spread “lifejacking” malware as well. That gives a hacker control of your profile so viral messages are spread to your friend’s accounts.
How to protect yourself from free airfare scams
If it’s too good to be true, it probably is. Don’t open unsolicited emails, take phone calls, or share social posts that offer a once-in-a-lifetime deal without first confirming it’s real.
Facebook Helps Combat Apple XARA Vulnerabilities With Osquery
Facebook have added the ability for organizations to detect if their OS X system is being exploited by XARA with their framework osquery.