Security News

TikTok, GitHub, Facebook Join Open-Source Bug Bounty
2021-09-22 14:52

As more businesses rely on open-source software for mission-critical infrastructure, HackerOne, along with sponsors including Elastic, Facebook, Figma, GitHub, Shopify and TikTok, announced they are throwing a new round of resources behind an Internet Bug Bounty Program to lure threat hunters' attention to open-source supply chains. Following a spate of spectacular software supply-chain breaches, market leaders have decided to throw in some cash to fund the IBB to incentivize bug hunters to take a closer look at open-source code.

UK.gov is launching an anti-Facebook encryption push. Don't think of the children: Think of the nuances and edge cases instead
2021-09-08 13:44

The British government is preparing to launch a full-scale policy assault against Facebook as the company gears up to introduce end-to-end encryption across all of its services. The backlash has already begun, showing that officials face a tooth-and-nail fight to derail the rollout of end-to-end encryption on the anti-social networking site and others in the Facebook estate.

Facebook sat on report that reveals most-shared post for months was questionable COVID story
2021-08-23 03:31

Facebook has revealed a report that shows the most-shared link on the platform in the first three months of 2021 described questionable interpretation of a death attributed to a COVID-19 vaccination - but only did so after publishing a later and more flattering report. The document wasn't Facebook's first such report.

Facebook Adds End-to-End Encryption to Calls in Messenger
2021-08-16 14:04

Facebook has updated the end-to-end encryption features in Messenger to provide users with more secure voice and video calling capabilities. Messenger has been offering support for end-to-end encrypted text chats for roughly five years, and Facebook has decided to expand the security feature to voice and video calling as well, after observing an increase in the use of these capabilities over the past year.

Facebook Adds End-to-End Encryption for Audio and Video Calls in Messenger
2021-08-14 03:20

Facebook on Friday said it's extending end-to-end encryption for voice and video calls in Messenger, along with testing a new opt-in setting that will turn on end-to-end encryption for Instagram DMs. "The content of your messages and calls in an end-to-end encrypted conversation is protected from the moment it leaves your device to the moment it reaches the receiver's device," Messenger's Ruth Kricheli said in a post. It's worth noting that the company's flagship messaging service gained support for E2EE in text chats in 2016, when it added a "Secret conversation" option to its app, while communications on its sister platform WhatsApp became fully encrypted the same year following the integration of Signal Protocol into the application.

Facebook Adds End-to-End Encryption for Audio and Video Calls in Messenger
2021-08-14 03:20

Facebook on Friday said it's extending end-to-end encryption for voice and video calls in Messenger, along with testing a new opt-in setting that will turn on end-to-end encryption for Instagram DMs. "The content of your messages and calls in an end-to-end encrypted conversation is protected from the moment it leaves your device to the moment it reaches the receiver's device," Messenger's Ruth Kricheli said in a post. It's worth noting that the company's flagship messaging service gained support for E2EE in text chats in 2016, when it added a "Secret conversation" option to its app, while communications on its sister platform WhatsApp became fully encrypted the same year following the integration of Signal Protocol into the application.

Facebook rolls out end-to-end encryption for Messenger calls
2021-08-13 20:20

Facebook has announced the rollout of end-to-end encrypted Messenger voice and video calls five years after making it available in one-on-one text chats. End-to-end encryption is used by most popular communication and collaboration platforms, including Zoom, Microsoft Teams, as well as Facebook's WhatsApp.

Beware! New Android Malware Hacks Thousands of Facebook Accounts
2021-08-10 00:26

A new Android trojan has been found to compromise Facebook accounts of over 10,000 users in at least 144 countries since March 2021 via fraudulent apps distributed through Google Play Store and other third-party app marketplaces. Dubbed "FlyTrap," the previously undocumented malware is believed to be part of a family of trojans that employ social engineering tricks to breach Facebook accounts as part of a session hijacking campaign orchestrated by malicious actors operating out of Vietnam, according to a report published by Zimperium's zLabs today and shared with The Hacker News.

Beware! New Android Malware Hacks Thousands of Facebook Accounts
2021-08-10 00:26

A new Android trojan has been found to compromise Facebook accounts of over 10,000 users in at least 144 countries since March 2021 via fraudulent apps distributed through Google Play Store and other third-party app marketplaces. Dubbed "FlyTrap," the previously undocumented malware is believed to be part of a family of trojans that employ social engineering tricks to breach Facebook accounts as part of a session hijacking campaign orchestrated by malicious actors operating out of Vietnam, according to a report published by Zimperium's zLabs today and shared with The Hacker News.

FlyTrap malware hijacks thousands of Facebook accounts
2021-08-09 21:43

A new Android threat that researchers call FlyTrap has been hijacking Facebook accounts of users in more than 140 countries by stealing session cookies. FlyTrap campaigns rely on simple social engineering tactics to trick victims into using their Facebook credentials to log into malicious apps that collected data associated with the social media session.