Security News

A ransomware group has now started to run Facebook advertisements to pressure victims to pay a ransom. Yesterday, the ransomware operators behind Ragnar Locker took it to the next level by hacking into a Facebook advertiser's account and creating advertisements promoting their attack on Campari Group.

Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up. "This is ridiculous and looks like a big fat lie," reads the Facebook ad campaign from the Ragnar crime group.

Mobile app developers accused by Facebook of deploying "Malicious" SDKs to scrape users' data from the social network have hit back, telling London's High Court that nearly all their apps were "Not capable" of harvesting data from Facebook itself. Haltas has now hit back, claiming that all but three of his apps couldn't possibly scrape data from Facebook because they didn't use the Login with Facebook feature.

Folksam, one of the largest insurance companies in Sweden, today disclosed a data breach affecting around 1 million Swedes after sharing customers' personal info with multiple technology giants. The insurer discovered the data breach after an internal audit according to Jens Wikström, Head of Marketing and Sales at Folksam, and reported the incident to the Swedish Data Protection Authority.

A campaign to sue Facebook over lax privacy policies that allowed Cambridge Analytica to slurp almost a million people's personal data from the social networking website hopes to become a representative action in the High Court, its instigators said today. The campaign said in a statement: "In 2013 and 2014, thousands of people participated in the thisisyourdigitallife app on Facebook. Facebook allowed this app to harvest the data of the app users' friends without their friends' permission or knowledge, including Alvin Carpio, the representative claimant. By taking data without consent, it is alleged that Facebook failed to meet their legal obligations under the Data Protection Act 1998.".

Scammers have hatched a new way to attempt to bypass two-factor authentication protections on Facebook. The first step in the "Appeal?" The victim is asked to submit a username, password and 2FA code from their mobile device, according to Sophos researcher Paul Ducklin, allowing fraudsters bypass 2FA. 2FA is an added layer of protection on top of a username and password that usually involves sending a unique code to a mobile device, which must be entered to access a platform.

Notification of Alleged Copyright Violation Recently there have been reports citing copyright violations of your Page posts. The link on the Facebook page above looks as though it stays on facebook.com, but the URL you see in blue above isn't the URL you visit if you click it.

Browser lockers are a type of redirection attack where web surfers will click on a site, only to be sent to a page warning them that their computer is infected with "a virus" or malware. In a recent, widespread campaign, cyberattackers are using Facebook to distribute malicious links that ultimately redirect to a browser locker page, according to researchers.

Amazon, Apple, Netflix, Facebook and WhatsApp are top brands leveraged by cybercriminals in phishing and fraud attacks - including a recent strike on a half-million Facebook users. Facebook has been a top cybercriminal favorite in phishing attacks so far this year, with recent research shedding light on 4.5 million phishing attempts that have leveraged the social media platform between April and September 2020.

From the Department of Definitely Not Evil comes news that Facebook is donating £1m to Britain's Bletchley Park computing landmark. Facebook is quite the fan of the work done at Bletchley Park, and a mural of scientist Alan Turning adorns a wall at the company's California headquarters.