Security experts have uncovered a cyberespionage campaign leveraging a weaponized version of TeamViewer and malware disguised as a top-secret US government document to target officials in several embassies in Europe. The targeted attacks aimed at Embassy officials from at least 7 countries (Italy, Kenya, Bermuda, Nepal, Guyana, Lebanon & Liberia), tied to govt revenue related roles and the financial sector.
Facebook expects to face a massive fine of up to $5 billion from the Federal Trade Commission FTC as the result of an investigation into its privacy policies - that's about one month's revenue for the social media giant.
The company had set $3 billion aside in anticipation of the settlement with the FTC, who launched a probe into Facebook following the Cambridge Analytica scandal.
Remember the most recent revelation of Facebook being caught asking users new to the social network platform for their email account passwords to verify their identity?
At the time, it was suspected that Facebook might be using access to users' email accounts to unauthorizedly and secretly gather a copy of their saved contacts.
Now it turns out that the collection of email contacts was true, Facebook finally admits that they "unintentionally" uploaded email contacts of 1.5 million new users on its servers, without their consent or knowledge.
April 2019 Patch Tuesday security updates addressed a local privilege escalation flaw in Windows operating system, tracked as CVE-2019-0859 that had been exploited by threat actors to deliver a PowerShell backdoor.
The flaw could allow an attacker to escalate privileges on the target system, it exists due to the way the Win32k component handles objects in memory.
Two companies exposed more than 540 million records containing information on Facebook users and their activities by leaving the data unprotected in Amazon Web Services (AWS) S3 buckets. Researchers identified an unprotected S3 bucket belonging to a Mexico-based digita media publisher named Cultura Colectiva, which publishes content for sharing on social media networks, has nearly 24 million followers on Facebook.
The second exposed AWS bucket was associated with a defunct application called “At the Pool.” This database also stored information on Facebook customers and their interests, but it also included names, email addresses and plaintext passwords for 22,000 users.