An estimated 6.8 million users were affected in the latest photo leak caused by a bug its app development platform that let apps access the private pictures of users, Facebook has revealed. Apps are expected to only have access to images posted on a user’s timeline, however a bug let the apps see any images linked to the account. This includes images on Facebook Stories and Facebook Marketplace, as well as those uploaded but not published. Facebook stores the latter for three days before they are deleted, in case the user decides to publish them. Users are required to give permission for apps to view photos, and only users who gave picture permissions had their images leaked to the apps. Facebook said the bug was active for 12 days between September 13th and September 25th,
Using one password for everything is convenient, but it’s also dangerously insecure. We examine the case of Mark, a young designer. Mark is a regular guy. He has e-mail, Facebook, Instagram, Amazon, eBay, Steam, and Battle.net accounts, not to mention ones for another dozen online stores and a forum dedicated to his favorite video game. The accounts are all linked to his e-mail. One day, the customer database of one of the online stores Mark has an account at suffers a leak (apparently it was kept unencrypted on an open-access server). No credit card information is stolen, but e-mail addresses, names, and passwords are. At first glance, there seems no particular reason to worry. Such leaks happen, and this is just a small online store — can you blame a humble shopkeeper
Based on interactions with organisations, a technology firm has released key trends for 2019 in the area of cyber security space. Matt Gyde, Group Executive (Cybersecurity) of Dimension Data, identifies five key trends that will empower the space. According to him, the trust will go digital as the technology helps organisations to embrace Digital Trust model, moving away from the present Zero Trust (don't trust anything, any person inside or outside the organisation) model. "In 2019, Zero trust is maturing into digital trust. IT will leverage ‘digital fingerprints’ for smoother authentication of users and provide them with easier access to apps and information," he says. "Identity-as-a-Service, user authentication, identity and access management are expected to be the largest segmen
A new impact assessment shows privacy risks Microsoft Office ProPlus Enterprise. On behalf of the Ministry of Security and Justice, Privacy Company carried out a DPIA on DPIA on Microsoft Office ProPlus (Office 2016 MSI and Office 365 CTR). At the request of the Ministry, they published a blog about the findings. The SLM Rijk conducts negotiations with Microsoft for approximately 300.000 digital work stations of the national government. The Enterprise version of the Office software is deployed by different governmental organisations, such as ministries, the judiciary, the police and the taxing authority. The results of this Data Protection Impact Assessment (DPIA) are alarming. Microsoft collects and stores personal data about the behaviour of individual employees on a large scale...
The Communications Authority of Kenya recently released their Q1 2018 Sector Statistics Report and it has some interesting tidbits. First is the section about the National Cyber Threat Landscape. The National KE-CIRT/CC detected over 7.9 million cyber threats, which was a 25% drop compared to the previous quarter. The most interesting tidbit under the various list of cyber threats detected is the rise of online abuse in the time frame the data was collected. According to CA, online abuse has increased by 1155% compared to last quarter (1757 cases vs 140) which is quite significant. During this quarter, the National KE-CIRT/CC validated and escalated 3,488 cases, of which online abuse took the lions share (1737 cases) up from 99 last quarter. This was a 1654.5% increase. According