Security News
The issue was discovered in October by Saugat Pokharel, a researcher based in Nepal, and it was patched within hours by Facebook. Pokharel identified the vulnerability while analyzing the Facebook Business Suite interface that the social media giant introduced in September.
Download numbers from the browser store show that several million people worldwide currently may be using the extensions, researchers said. Avast Threat Intelligence discovered the malware after following up on research by Czech researcher Edvard Rejthar at CZ.NIC, who first identified the threat originating in browser extensions on his system, Avast senior writer Emma McGowan wrote in a blog post published Thursday.
Facebook is again pushing back on new Apple privacy rules for its mobile devices, this time saying in full page newspaper ads that the social media giant is standing up for small businesses. In ads that ran in The New York Times, The Wall Street Journal and other national newspapers Wednesday, Facebook said Apple's new rules "Limit businesses' ability to run personalized ads and reach their customers effectively."
Australia's consumer watchdog launched legal action against Facebook on Wednesday, alleging the social media giant "Misled" thousands of Australians by collecting user data from a free VPN service advertised as private. The Australian Competition and Consumer Commission has accused Facebook and two of its subsidiaries - Facebook Israel and Onavo Inc - of misleading people who downloaded its virtual private network app Onavo Protect, by collecting and using their "Very detailed and valuable personal activity data".
Facebook said Tuesday that it had removed two networks based in Russia and one linked to the French military, accusing them of carrying out interference campaigns in Africa. Two networks running multiple Facebook accounts were assigned to people associated with the Russian Internet Research Agency, and the third had "Links to individuals associated with French military," the social media platform said.
Molerats cyberespionage group has been using in recent spear-phishing campaigns fresh malware that relies on Dropbox, Google Drive, and Facebook for command and control communication and to store stolen data. Designed for cyberespionage, the malware attempts to avoid detection and takedown efforts by using Dropbox and Facebook services to steal data and receive instructions from the operators.
Facebook has shut down several accounts and Pages on its platform, which were used to launch phishing and malware attacks by two cybercriminal groups: APT32 in Vietnam and an unnamed threat group based in Bangladesh. "The operation from Vietnam focused primarily on spreading malware to its targets, whereas the operation from Bangladesh focused on compromising accounts across platforms and coordinating reporting to get targeted accounts and Pages removed from Facebook," said Nathaniel Gleicher, head of security policy, and Mike Dvilyanski, cyber-threat intelligence manager at Facebook, in a Thursday post.
Social media giant Facebook this week revealed that it has disrupted the activity of two groups of hackers - one operating from Vietnam and the other from Bangladesh. The groups, Facebook says, were engaging in cyber-espionage activities, attempting to compromise accounts to gain access to information of interest.
The Facebook security team has revealed today the real identity of APT32, a Vietnam-backed hacking group active in cyberespionage campaigns targeting foreign government, multi-national corporations, and journalists since at least 2014. The APT32 nation-state hackers were linked to Vietnamese IT firm CyberOne Group in a report published earlier today by Nathaniel Gleicher, Facebook's Head of Security Policy, and Mike Dvilyanski, Cyber Threat Intelligence Manager.
Cybersecurity researchers from Facebook today formally linked the activities of a Vietnamese threat actor to an IT company in the country after the group was caught abusing its platform to hack into people's accounts and distribute malware. Exact evidence trail leading Facebook to attribute the hacking activity to CyberOne Group was not disclosed, but according to a description on ITViec - a Vietnamese online platform to find and post job vacancies for IT professionals and software developers - the company advertises itself as a "Multinational company" with a focus on developing "Products and services to ensure the security of IT systems of organizations and businesses."