Security News
Using a panel of 709 volunteers who shared archives of their Facebook data, Consumer Reports found that a total of 186,892 companies sent data about them to the social network. On average, each participant in the study had their data sent to Facebook by 2,230 companies.
A widespread Facebook phishing campaign stating, "I can't believe he is gone. I'm gonna miss him so much," leads unsuspecting users to a website that steals your Facebook credentials. The phishing campaign started around a year ago, with Facebook having trouble blocking the posts as they continue to this day.
Link history stores records for 30 days, can be used to recall pages previously read, and excludes links sent in messages. Less prominently mentioned on help pages describing the feature on Facebook and Instagram is, of course, perhaps the real reason for the capability: "We may use link history information from our browser to improve your ads across Meta technologies."
It’s happened. Details here, and tech details here (for messages in transit) and here (for messages in storage) Rollout to everyone will take months, but it’s a good day for both privacy and...
Meta is introducing default end-to-end encryption for chats and calls across Messenger and Facebook, the company revealed on Wednesday. "We've introduced new privacy, safety and control features along the way like delivery controls that let people choose who can message them, as well as app lock, alongside existing safety features like report, block and message requests," said Loredana Crisan, Head of Messenger at Meta.
Meta has announced that the immediate availability of end-to-end encryption for all chats and calls made through the Messenger app, as well as the Facebook social media platform.E2EE has been available in the Messenger app as an optional feature called "Secret Conversations" since 2016 but Meta says it now enables it by default for all users as an additional layer of security.
Compromised Facebook business accounts are being used to run bogus ads that employ "revealing photos of young women" as lures to trick victims into downloading an updated version of a malware...
The European Data Protection Board has extended the temporary ban on targeted advertising on Facebook and Instagram, imposed by the Norwegian Data Protection Authority in July. The European watchdog's 27 October urgent binding decision instructs Ireland's Data Protection Commission to ban the processing of personal data for behavioral advertising across the entire European Economic Area within two weeks.
Norway has told the European Data Protection Board it believes a countrywide ban on Meta harvesting user data to serve up advertising on Facebook and Instagram should be made permanent and extended across Europe. The Scandinavian country's Data Protection Authority, Datatilsynet, had been holding back Facebook parent Meta from scooping up data on its citizens with the threat of fines of one million Kroner per day if it didn't comply.
An ongoing campaign is targeting Facebook Business accounts with bogus messages to harvest victims' credentials using a variant of the Python-based NodeStealer and potentially take over their accounts for follow-on malicious activities. First documented by Meta in May 2023, NodeStealer originated as a JavaScript malware capable of pilfering cookies and passwords from web browsers to compromise Facebook, Gmail, and Outlook accounts.