Security News

Need a tool to check your Python-based applications for security issues? Facebook has open-sourced Pysa, a tool that looks at how data flows through the code and helps developers prevent data flowing into places it shouldn't. "Pysa tracks flows of data through a program. The user defines sources as well as sinks," Facebook security engineer Graham Bleaney and software engineer Sinan Cepel explained.

TechRepublic's cheat sheet about the Facebook data privacy scandal covers the ongoing controversy surrounding the illicit use of profile information. Fallout from a confluence of factors in the Facebook data privacy scandal has come to bear in the last week of July 2018.

Facebook on Monday said it is asking EU courts to review "Exceptionally broad" requests by antitrust regulators there that would scoop up employees' personal information. The US-based internet colossus maintained it has been cooperating with a European Commission antitrust investigation and will continue to do so, but that the wording of commission requests casts a net so wide it will haul in Facebook employees' private messages and more.

Facebook on Wednesday unveiled new privacy and security features for its Messenger application. One of the new privacy features is called App Lock and it allows users to protect their private chats when they borrow their phone to a friend or family member.

Facebook's lawsuit against NSO Group over alleged spying on WhatsApp users will be allowed to go forward. WhatsApp-owner Facebook is alleging that NSO Group exploited a vulnerability in WhatsApp to deploy its spyware against human rights activists, journalists and political dissidents.

Facebook won a significant legal victory on Thursday when the judge hearing the lawsuit against Israeli spyware maker NSO Group declined to dismiss the case - and allowed the crucial discovery process to move forward. Last October, Facebook and its WhatsApp subsidiary sued NSO Group, and its Q Cyber Technologies affiliate, in the Northern District of California.

Facebook announced on Friday that it's offering significant rewards through its bug bounty program for vulnerabilities found in Hermes and Spark AR. Hermes is a JavaScript engine that Facebook released as open source one year ago. Hermes is used by the social media giant's React Native apps for Android and other software, including Spark AR, an augmented reality platform that is used to create effects on Facebook, Instagram and even on Facebook's Portal smart displays.

Facebook, WhatsApp and Telegram will deny law enforcement requests for user data in Hong Kong as they assess the impact of a new national security law enacted last week. Facebook and its messaging app WhatsApp said in separate statements Monday that they would freeze the review of government requests for user data in Hong Kong, "Pending further assessment of the National Security Law, including formal human rights due diligence and consultations with international human rights experts."

It's time to talk about Facebook hoaxes once more. Looking at the Naked Security articles that people have not only searched for but also read in large numbers over the past few days tells us that we're in what you might call a "Market uptick" for hoaxes at the moment.

The social media giant said that it recently discovered that 5,000 developers received data from Facebook users - long after their access to that data should have expired. In 2018, on the heels of the Cambridge Analytica privacy incident, Facebook debuted stricter controls over data collection by third-party app developers.