Information Management Today

Experts spotted browser malicious extensions for Instagram, Facebook and others

Security Affairs

DECEMBER 17, 2020

birth dates, email addresses, and active devices) and redirect the victims to ads and phishing sites. “ The tainted extensions pose as helper add-ons for Vimeo, Instagram, Facebook, and other popular online services. . The extensions were designed to steal user’s data (i.e. ” reads the analysis published by Avast.

Phishing

Phishing IT Security Information Security

CardX released a data leak notification impacting their customers in Thailand

Security Affairs

SEPTEMBER 17, 2023

Its history dates to 1904, when it was established under the leadership of Prince Mahisorn. Security Affairs will be updating the story with more information based on further official updates. SCB X is a holding company for The Siam Commercial Bank Public Company Limited, of which CardX is a part.

Cybersecurity

Cybersecurity Access Security IT

“gitgub” malware campaign targets Github users with RisePro info-stealer

Security Affairs

MARCH 17, 2024

The researchers started the investigation following Arstechnica’s story about malicious Github repositories. that pretend to display a status alongside a current date and provide a sense of legitimacy and recency.” The experts noticed that this campaign was named “gitgub” by its operators.

Passwords

Passwords File names Archiving Cybersecurity

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Using Fake Reviews to Find Dangerous Extensions

Krebs on Security

MAY 29, 2021

Here’s the story of how bogus reviews on a counterfeit Microsoft Authenticator browser extension exposed dozens of other extensions that siphoned personal and financial data. The extensions spoofed a range of consumer brands, including Adobe , Amazon , Facebook , HBO , Microsoft , Roku and Verizon.

Authentication

Authentication IT Marketing

The Week in Cyber Security and Data Privacy: 6 – 12 November 2023

IT Governance

NOVEMBER 13, 2023

Welcome to this week’s round-up of the biggest and most interesting news stories. On 14 September, Mulkay discovered that the compromised files contained personal information, including “name, address, date of birth, Social Security number, driver’s license number or state ID, medical treatment information, and health insurance information”.

Data Privacy

Data Privacy Privacy Security Data breaches

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

The following is an email from Sykes to Biderman dated Nov. Still, the story noted that LeakedSource likely had more than one operator, and breached records show Bloom was a prolific member of Abusewith[.]us. That Facebook page indicates Bloom also went by the nickname “ Agentjags.”

Passwords

Passwords Data breaches Marketing IT

Meta Hit with £14 Million Fine for a Dozen GDPR Breaches

IT Governance

MARCH 17, 2022

The tech giant, formerly known as Facebook, violated several GDPR (General Data Protection Regulation) requirements, and more than 30 million people have been affected. The DPC began its inquiry in 2018 – shortly after the GDPR took effect – after it received a dozen breach notifications from Facebook. What rules did Facebook break?

GDPR

GDPR Personal data Encryption Compliance

Who’s Behind the Botnet-Based Service BHProxies?

Krebs on Security

FEBRUARY 24, 2023

He also shared a PayPal receipt and snippets of Facebook Messenger logs showing conversations in March 2014 with legendboy2050@yahoo.com. Constella also connects legendboy2050 to Facebook and Instagram accounts for one Abdala Tawfik from Cairo. This user’s Facebook page says Tawfik also uses the name Abdalla Khafagy.

Passwords

Passwords Blockchain Mining Marketing

FBI Seizes Bot Shop ‘Genesis Market’ Amid Arrests Targeting Operators, Suppliers

Krebs on Security

APRIL 4, 2023

“The high incidence of Google and Facebook is expected, as they are such widely used platforms,” Flashpoint noted in an analysis of Genesis Market, observing that all ten of the ten most expensive bots at the time included Coinbase credentials. This is a developing story.

Marketing

Marketing Passwords Authentication Access

FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy

Krebs on Security

JUNE 18, 2020

According to the indictment, Johnson stole employee information on all 65,000 then current and former employees, including their names, dates of birth, Social Security numbers, and salaries. A Facebook profile with the same photo belongs to a Justin S. Johnson from Detroit.

IT

IT Archiving Personal data Access

$10M Is Yours If You Can Get This Guy to Leave Russia

Krebs on Security

MAY 4, 2023

in Samara, Russia, and included Nordex’s date of birth as April 8, 1980 , as well as their ICQ number ( 228427661 ). ” This account had the same date of birth as Nordex, but a different email address: nordia@yandex.ru. That Bankir account was registered from the Internet address 193.27.237.66 ” NORDIA Nordia@yandex.ru

Marketing

Marketing Passwords Government Military

City of Toronto is one of the victims hacked by Clop gang using GoAnywhere zero-day

Security Affairs

MARCH 24, 2023

One of the top cybersecurity stories of the year is unfolded with CL0P^_- going everywhere. 39 posts today, 72 for the week to date, 58 left roughly.

Ransomware

Ransomware Access Cybersecurity Security

Episode 211: Scrapin’ ain’t Hackin’. Or is it?

The Security Ledger

APRIL 16, 2021

» Related Stories Episode 206: What Might A Federal Data Privacy Law Mean In the US? In just the last two weeks, three of the world’s most prominent social networks have been linked to stories about data leaks. To hear Facebook , LinkedIn and Clubhouse speak, however, nothing is amiss.

IT

IT Data science Data Privacy Sales

Glut of Fake LinkedIn Profiles Pits HR Against the Bots

Krebs on Security

OCTOBER 5, 2022

In last week’s story on this topic, I suggested LinkedIn could take one simple step that would make it far easier for people to make informed decisions about whether to trust a given profile: Add a “created on” date for every profile. ”

Artificial Intelligence

Artificial Intelligence Authentication IT Communications

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

SEPTEMBER 30, 2023

Flashpoint said Truniger recruited “pen testers” for a new, then-unnamed cybercrime group, by posting their private Jabber instant messenger contact details on multiple Russian language coding forums, as well as on Facebook. “The command requires Windows system administrators,” Truniger’s ads explained.

Ransomware

Ransomware Data breaches Encryption Systems administration

Google expert detailed a 5-Year-Old flaw in Apple Safari exploited in the wild

Security Affairs

JUNE 20, 2022

“This blog is the story of a “zombie” Safari 0-day and how it came back from the dead to be disclosed as exploited in-the-wild in 2022. The researcher noticed that the commits dated October 2016 and December 2016 were very large, she discovered that the commit in October changed 40 files with 900 additions and 1225 deletions.

Security

Security IT Cybersecurity Data breaches

Apple Security Under Scrutiny Amid Fallout from NSO Spyware Scandal

eSecurity Planet

JULY 21, 2021

Amnesty International and Forbidden Stories – a Paris-based nonprofit media group that works with journalists – said earlier this week that users of the Israeli-developed spyware were able to hack into iPhone 11 and iPhone 12 devices, as well as Android devices, of tens of thousands of people – including a number of world leaders.

Security

Security Government Privacy Ransomware

Dutch Police arrests 3 men involved in a massive extortion scheme. One of them is an ethical hacker

Security Affairs

FEBRUARY 27, 2023

Compromised data include names, addresses, telephone numbers, dates of birth, bank account numbers, credit cards, passwords, license plates, citizen service numbers or passport data. Tens of millions of privacy-sensitive personal data have fallen into the hands of criminals as a result of this theft and trade.”

Personal data

Personal data Access Archiving Passwords

Facebook News (Livestream): The Brand Spaces Are Bigger, Bolder, More…Ad Like

John Battelle's Searchblog

FEBRUARY 29, 2012

Facebook is holding it’s first ever “fMC” today – that’s Facebook Marketing Conference, and it’s announcing widely expected new ad formats. From the release just sent to me: Today, Facebook announced a new design for Pages, giving brands and businesses more ways to tell their story.

Marketing

Marketing IT

How we broke the cloud with two lines of code: the full story of ChaosDB

Security Affairs

NOVEMBER 12, 2021

As a quick recap of what we’ve shared to date, ChaosDB is what we named the chain of misconfigurations we found in the Cosmos DB service — specifically, multiple flaws in the way Microsoft introduced the Jupyter Notebook feature to the Cosmos DB service. This, however, was not the full story of ChaosDB. Pierluigi Paganini.

Cloud

Cloud Access Authentication Security

Weekly Podcast: Superdrug, Facebook and Twitter, and the ICO

IT Governance

AUGUST 23, 2018

In this week’s podcast, we discuss the data incident at Superdrug, Facebook and Twitter removing accounts, and the ICO website being down. Here are this week’s stories: High-street retailer, Superdrug, suffered a data breach earlier this week. Dates of birth. Information stolen included: Names. Phone numbers.

Passwords

Passwords Retail Information Security Data breaches

Researcher leaked a dataset of over 7,000,000 transactions scraped from the Venmo public API

Security Affairs

JUNE 18, 2019

Public data includes names, dates, pictures and messages sent, Hang Do Thi Duc was able to track a profile for some of them, such as two users identified with the monikers ‘The Cannabis Retailer’ and the ‘The cord dealer.’ this public URL. 207,984,218 public Venmo transactions.

Retail

Retail Privacy Access Security

Florida Man Arrested in SIM Swap Conspiracy

Krebs on Security

AUGUST 7, 2018

” Interestingly, Handschumacher’s public Facebook page remains public, and is replete with pictures that he posted of recent new vehicle aquisitions, including a pickup truck and multiple all-terrain vehicles and jet skis. All four major U.S.

Authentication

Authentication Computer and Electronics Passwords Retail

API Security and Hackers: What?s the Need?

Security Affairs

MAY 30, 2020

Instead of creating an account on a website, you can connect via credentials from another provider, such as Facebook or Google. Stay up-to-date. To be stable and still benefit from the latest security updates, a good API should rely on a good security network, infrastructure and up-to-date applications (servers, load balancers).

Security

Security Authentication Encryption Passwords

Weekly podcast: Panera Bread, Grindr and MyFitnessPal

IT Governance

APRIL 6, 2018

He created a Pastebin page detailing the vulnerability, and emailed Brian Krebs, who took up the story earlier this week. The date Under Armour published its notice? Having waited eight months for Panera to fix the flaw, Houlihan decided to publish it. 29 March – four days after discovering the breach.

Data breaches

Data breaches Passwords Information Security Privacy

Weekly podcast: myPersonality, train Wi-Fi and Kaspersky Lab

IT Governance

MAY 17, 2018

This week, we discuss the exposure of millions of Facebook users’ data, security failings in train passenger networks and Kaspersky Lab’s relocation to Switzerland. Here are this week’s stories. Around 40% of them opted to share data from their Facebook profile with the project. million people”. million people”.

Government

Government Access Information Security Security

Ensure you’re #BreachReady in the media sector

IT Governance

JULY 26, 2018

A ferocious summer heatwave continues to dominate the majority of the UK’s social media posts and entertainment news stories. On Facebook, Timehop shows users their popular historical posts to help rekindle old memories. While the sassy summer sunshine shines, you should be shielded in the shade for sure.

Data breaches

Data breaches GDPR Personal data Government

“Peak Google”? Maybe, But Is “Native” The Reason?

John Battelle's Searchblog

OCTOBER 23, 2014

But the real reason I’m responding is Thompson’s thesis that Google is at its peak, about to be eclipsed by Facebook or Pinterest or some other advertising-based company. We’re in the very early innings, though Facebook has been a clear winner to date. – No one has yet “won” in native.

Authentication

Authentication IT

Facebook Will Shift to Emphasize Encrypted Ephemeral Messages, Zuckerberg Says: eDiscovery Trends

eDiscovery Daily

MARCH 14, 2019

In a post to Facebook last week, founder Mark Zuckerberg outlined a vision of the future that includes end-to-end encryption and an ephemeral lifespan for private messages and photos. Today we already see that private messaging, ephemeral stories, and small groups are by far the fastest growing areas of online communication.”.

Encryption

Encryption e-Discovery Communications Privacy

2021 cyber security review of the year

IT Governance

JANUARY 10, 2022

The cyber security landscape offered similarly familiar topics: there were huge data breaches at Facebook and LinkedIn, while the threat of ransomware reached catastrophic levels. You can read more about that attack, along with the year’s other biggest stories, in our 2021 cyber security review of the year.

Security

Security Data breaches Ransomware Phishing

Weekly podcast: 2018 end-of-year roundup

IT Governance

DECEMBER 13, 2018

This week, in our last podcast of the year, we revisit some of the biggest information security stories from the past 12 months. For more information on each story, simply follow the links in the transcript on our blog. In October , Facebook admitted that the accounts of nearly 50 million users had been exposed.

Data breaches

Data breaches Personal data Access GDPR

Google was aware of a flaw that exposed over 500,000 of Google Plus users, but did not disclose it

Security Affairs

OCTOBER 8, 2018

Exposed data include including usernames, email addresses, occupation, date of birth, profile photos, and gender-related information. The worse aspect of the story is that the company did not disclose the flaw in the Google+ when it first discovered the issue in this spring because it feared regulatory scrutiny and reputational damage.

IT

IT Data breaches Privacy Data Privacy

Nine is Divine! eDiscovery Daily is (Cloud)Nine Years Old!

eDiscovery Daily

SEPTEMBER 19, 2019

And, we published our first case law post about a case where the spoliator of data was actually threatened with jail time – our first of 701 posts about case law to date, covering more than 540 distinct cases! Here’s an evidence story that only a word geek like me can appreciate. How many states have Security Breach Notification Laws?

Cloud

Cloud Data Privacy Privacy Data breaches

Facebook May Have Gotten Hacked, and Maybe It’s Better We Don’t Know

Adam Levin

APRIL 8, 2019

Unless you live under a bottle cap rusting on the bottom of Loon Lake, you know that if you’re concerned about privacy , Facebook CEO Mark Zuckerberg is the gift that keeps on taking. Facebook has had more than its share of bad press in recent years, including Russian meddling in U.S.

Privacy

Privacy Artificial Intelligence Data Privacy Passwords

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

IT Governance

FEBRUARY 14, 2024

92,391,296 known records breached in 222 publicly disclosed incidents Welcome to this week’s global round-up of the biggest and most interesting news stories. Key dates 31 March 2024 – PCI DSS v4.0 We’ll be back next week with the biggest and most interesting news stories, all rounded up in one place. of the Standard.

Data Privacy

Data Privacy Manufacturing Privacy Security

Governance, Technology, and Capitalism.

John Battelle's Searchblog

SEPTEMBER 24, 2018

As one Senator told me during the Facebook hearings this past summer , “we purposefully didn’t regulate technology, and that was the right thing to do.” Dating we’ve left to the governance of cultural norms, which share the power of government over much of the world. Or, Will Nature Just Shrug Its Shoulders?

Government

Government Marketing Education Insurance

The Future Is Cloudy

John Battelle's Searchblog

AUGUST 29, 2012

We talk about Facebook and whether we’re sharing too much. It quotes a study that found: … most people have no idea what the cloud is , have pretended to know what it means on first dates, and yet effectively all respondents are active cloud computing users. Who Cares?

Cloud

Cloud Privacy IT

Make My Baby - Is The Baby Facebook? Updated: No, It's Myspace.

John Battelle's Searchblog

JANUARY 18, 2011

Over the weekend, as I pondered an eMarketer report estimating Facebook's advertising revenue at $1.86 billion (seems low), I wondered to myself: When will Facebook start to drive the kind of widespread graymarket activity which proved Google's immense worth? When would Facebook become a hotbed of affiliate arbitrage across the board?

IT

IT Insurance

2019 end-of-year review part 1: January to June

IT Governance

DECEMBER 27, 2019

IT Governance is closing out the year by rounding up 2019’s biggest information security stories. The dating site denied that it had suffered a data breach, even though many users took to Twitter saying that someone had got into their account and changed their login credentials. IT Governance released its final Weekly Podcast.

Data breaches

Data breaches GDPR Passwords Personal data

Data Governance Makes Data Security Less Scary

erwin

OCTOBER 31, 2019

Add to the mix the potential for a data breach followed by non-compliance, reputational damage and financial penalties and a real horror story could unfold. s Information Commissioner’s Office had levied against both Facebook and Equifax for their data breaches. Marriot International was fined $123 million , or 1.5

Government

Government Security Metadata Data breaches

Carol Bartz at Web 2: Everybody Is Sticking Everybody Else In The Eye

John Battelle's Searchblog

OCTOBER 22, 2010

Those arguments have fostered serious chatter that Bartz might once again miss her Web 2 date - and this time not due to illness. Again, there's an interesting story here as it relates to content. Why would a talented engineer want to go to Yahoo instead of, say, Facebook or a startup? Yahoo's approach to social.

IT

Make My Baby - Is The Baby Facebook?

John Battelle's Searchblog

JANUARY 18, 2011

Over the weekend, as I pondered an eMarketer report estimating Facebook's advertising revenue at $1.86 billion (seems low), I wondered to myself: When will Facebook start to drive the kind of widespread graymarket activity which proved Google's immense worth? When would Facebook become a hotbed of affiliate arbitrage across the board?

Insurance

Insurance IT

A Close Up Look at the Consumer Data Broker Radaris

Krebs on Security

MARCH 8, 2024

Publicly available data indicates that in addition to running a dizzying array of people-search websites, the co-founders of Radaris operate multiple Russian-language dating services and affiliate programs. Dmitry Lybarsky’s Facebook/Meta account says he was born in March 1963. But how much do we know about Radaris? government.

Privacy

Privacy Data Privacy Government Marketing

Living a stealth life

CILIP

JUNE 15, 2021

We believe that these are stories that deserve to be heard and represented as they can provide us with insight on how we can make work environments safer for LGBTQ+ people. Jay Sullivan (JS): I joined my current organisation over 10 years ago and had already been living as Jay for several years prior to this date. m so sorry you?ve

IT

IT Archiving Risk Access

Experts spotted browser malicious extensions for Instagram, Facebook and others

CardX released a data leak notification impacting their customers in Thailand

Webinars

Trending Sources

“gitgub” malware campaign targets Github users with RisePro info-stealer

Webinars

Using Fake Reviews to Find Dangerous Extensions

The Week in Cyber Security and Data Privacy: 6 – 12 November 2023

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Meta Hit with £14 Million Fine for a Dozen GDPR Breaches

Who’s Behind the Botnet-Based Service BHProxies?

FBI Seizes Bot Shop ‘Genesis Market’ Amid Arrests Targeting Operators, Suppliers

FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy

$10M Is Yours If You Can Get This Guy to Leave Russia

City of Toronto is one of the victims hacked by Clop gang using GoAnywhere zero-day

Episode 211: Scrapin’ ain’t Hackin’. Or is it?

Glut of Fake LinkedIn Profiles Pits HR Against the Bots

A Closer Look at the Snatch Data Ransom Group

Google expert detailed a 5-Year-Old flaw in Apple Safari exploited in the wild

Apple Security Under Scrutiny Amid Fallout from NSO Spyware Scandal

Dutch Police arrests 3 men involved in a massive extortion scheme. One of them is an ethical hacker

Facebook News (Livestream): The Brand Spaces Are Bigger, Bolder, More…Ad Like

How we broke the cloud with two lines of code: the full story of ChaosDB

Weekly Podcast: Superdrug, Facebook and Twitter, and the ICO

Researcher leaked a dataset of over 7,000,000 transactions scraped from the Venmo public API

Florida Man Arrested in SIM Swap Conspiracy

API Security and Hackers: What?s the Need?

Weekly podcast: Panera Bread, Grindr and MyFitnessPal

Weekly podcast: myPersonality, train Wi-Fi and Kaspersky Lab

Ensure you’re #BreachReady in the media sector

“Peak Google”? Maybe, But Is “Native” The Reason?

Facebook Will Shift to Emphasize Encrypted Ephemeral Messages, Zuckerberg Says: eDiscovery Trends

2021 cyber security review of the year

Weekly podcast: 2018 end-of-year roundup

Google was aware of a flaw that exposed over 500,000 of Google Plus users, but did not disclose it

Nine is Divine! eDiscovery Daily is (Cloud)Nine Years Old!

Facebook May Have Gotten Hacked, and Maybe It’s Better We Don’t Know

The Week in Cyber Security and Data Privacy: 5 – 11 February 2024

Governance, Technology, and Capitalism.

The Future Is Cloudy

Make My Baby - Is The Baby Facebook? Updated: No, It's Myspace.

2019 end-of-year review part 1: January to June

Data Governance Makes Data Security Less Scary

Carol Bartz at Web 2: Everybody Is Sticking Everybody Else In The Eye

Make My Baby - Is The Baby Facebook?

A Close Up Look at the Consumer Data Broker Radaris

Living a stealth life

Stay Connected