BF-SIRT Newsletter 2018-15

Facebook

On Tuesday and Wednesday this week, Mark Zuckerberg took part of congressional hearings regarding Cambridge Analytica and privacy concerns regarding Facebook. There are multiple news outlets covering the story, and KrebsonSecurity also wrote an article about how one should not trust these type of quizzes and such may receive data about you and your friends when you do them (which is how Cambridge Analytica got a hold of information about more than 50 million users when they approved access to the app “This is your digital life”).

Facebook has since added a website that allows you to check if your information was leaked or not, and they have also added additional privacy information on what type of data you have uploaded to Facebook with regards to Contacts, Call and Text history if you allowed Messenger or Facebook on your mobile to do so.

Facebook has also updated their bug bounty program and now offers a $40,000 bounty if you find evidence of Data Leaks.a

 

Top 5 Security links
Finland hit by a data breach affecting over 130,000 users
Drupal CVE-2018-7600 PoC is Public
Outlook bug allowed hackers to use .rtf files to steal windows passwords
Your Windows PC can get hacked by simply visiting a website if you don’t update
PowerHammer lets hackers steal data from air-gapped computers through power lines