Articles tagged "Meta"

Found 24 articles

Critical
Fake Céline Dion Paris Tickets Sold on Facebook and Ticketmaster Clones

Hackread – Cybersecurity News, Data Breaches, AI and More

Actively Exploited

Scammers are targeting fans of Céline Dion by selling fake tickets through Facebook and creating counterfeit websites that mimic legitimate ticket sellers like Ticketmaster and AXS. According to cybersecurity firm Group-IB, these scammers are taking advantage of fans looking to purchase tickets for Dion's shows, leading to potential financial losses for unsuspecting buyers. The fake tickets and websites can create significant confusion and frustration for those trying to enjoy live performances. It’s crucial for fans to be cautious and verify the authenticity of ticket sources to avoid falling victim to these scams, especially as live events resume post-pandemic.

Read Original
Actively Exploited

Recent phishing attacks have targeted Facebook users by offering fake verification processes, aiming to steal sensitive information from business accounts. Attackers utilized a compromised chatbot to enhance their deception, making it easier for them to extract data from unsuspecting users. This campaign specifically affected individuals and businesses that rely on Facebook for communication and marketing. The incident raises concerns about the security of online platforms and highlights the importance of user awareness regarding potential scams. Users are advised to verify requests for information directly through official channels and to be cautious about sharing personal details online.

Read Original

Meta is currently testing a facial recognition technology that could be integrated into eyeglasses for real-time identification. This development is particularly notable because it is being prototyped in collaboration with a supplier for the Pentagon, raising concerns about privacy and surveillance. The technology seems to be aimed at law enforcement agencies, including ICE, which has expressed interest in deploying similar devices. This initiative could have significant implications for civil liberties, as it may facilitate increased monitoring of individuals in public spaces. The potential for misuse or overreach by authorities also adds to the urgency of the conversation around ethical implications and regulations surrounding facial recognition technology.

Read Original

Meta has decided to pause its MCI program, which began in April, due to concerns about potential data exposure. The program was designed to enhance the company's artificial intelligence by monitoring how employees interact with their computers, including tracking mouse movements and keyboard shortcuts. However, this employee-tracking initiative raised significant privacy issues, prompting the company to reconsider its approach. By halting the program, Meta aims to address these concerns before moving forward. This incident highlights the ongoing tension between technology advancements and employee privacy rights, prompting discussions about how companies should balance innovation with ethical practices.

Read Original
Actively Exploited

Malwarebytes has uncovered a phishing scam on Facebook that specifically targets users aged 40 and older. This scheme lures victims with fake offers for Aldi meat boxes, enticing them to provide personal information or financial details. The attackers are exploiting the trust users may have in social media platforms, making it crucial for older adults to be vigilant about suspicious offers. This incident serves as a reminder that scammers often tailor their tactics to exploit specific demographics, highlighting the need for increased awareness among users. Protecting personal information online is essential, especially when faced with seemingly harmless promotions.

Read Original

WhatsApp recently disclosed two vulnerabilities that could pose risks to its users. The first is a file spoofing issue, which could allow attackers to disguise a malicious file as a legitimate one. The second vulnerability involves an arbitrary URL scheme that could lead to unwanted actions when users click on certain links. These vulnerabilities were reported to Meta through their bug bounty program and have been addressed in updates released earlier this year. Users of WhatsApp should ensure their app is updated to maintain security, as these vulnerabilities could potentially be exploited if left unpatched.

Read Original

A Vietnamese-linked phishing campaign, dubbed AccountDumpling, has been uncovered, targeting Facebook users. This operation employs Google AppSheet as a tool to send phishing emails aimed at stealing Facebook account credentials. Researchers estimate that around 30,000 accounts have been compromised, with the attackers selling the stolen information through an underground marketplace. This incident raises concerns about the effectiveness of current phishing defenses, as even reputable platforms like Google can be misused for malicious purposes. Users are advised to remain vigilant and employ strong security measures to protect their accounts.

Read Original

The European Commission has accused Meta of failing to properly manage the risks associated with children under 13 accessing its platforms, which is a serious concern for child safety online. The allegations suggest that Meta did not effectively identify or address potential dangers for younger users, raising questions about the company's compliance with the Digital Services Act (DSA). This scrutiny comes amid growing concerns about the protection of minors on social media and the responsibilities of tech companies to safeguard this vulnerable group. If found in violation, Meta could face significant penalties and be required to implement stricter safety measures. This situation emphasizes the ongoing debate about how to balance user engagement with the safety of young internet users.

Read Original

A new cybersecurity threat has emerged involving a malicious Python package called 'Elfsmasher' found on the PYPI repository. This package was designed to compromise systems by stealing sensitive information and executing harmful commands. Users of Python and developers relying on this repository are particularly at risk, as they may inadvertently download the package, thinking it is legitimate. This incident highlights the vulnerabilities in software supply chains and the need for developers to be vigilant about the packages they use. Additionally, other topics covered in the article include various security incidents related to companies like Facebook and Medtronic, indicating a broader trend of increasing security challenges across multiple sectors.

Read Original
Actively Exploited

APT37, a North Korean state-sponsored hacking group, has launched a new social engineering campaign aimed at Facebook users. This operation utilizes the RokRAT trojan, which allows attackers to gain access to victims' devices and sensitive information. The campaign is multi-faceted, indicating a sophisticated approach to trick users into downloading the malware. This is particularly concerning as it targets a widely-used platform, potentially affecting millions of users. As cyber threats continue to evolve, individuals and organizations must remain vigilant about the security of their online activities and the links they interact with.

Read Original

U.S. Senator Chuck Grassley is investigating eight major tech companies for potentially failing to properly report instances of child sexual abuse material (CSAM). The companies under scrutiny include Meta, Amazon AI Services, TikTok, Snapchat, Discord, X.AI, Grindr, and Roblox. This inquiry follows concerns about how these platforms handle and report CSAM, which is a significant issue given the potential harm to children and the legal obligations these companies have. Grassley's investigation aims to ensure that these tech giants are held accountable for their reporting practices and that they take necessary steps to protect vulnerable users. The outcome of this probe could lead to stricter regulations and oversight of how online platforms manage and report such sensitive content.

Read Original

WhatsApp has informed around 200 users that they were deceived into installing a counterfeit version of its iOS app, which contained spyware. Most of the affected individuals are based in Italy. The attackers reportedly employed social engineering tactics to trick users into downloading the malicious app. This incident raises concerns about the security of mobile applications and highlights the need for users to be vigilant about the sources from which they download software. With spyware potentially compromising personal information, it is crucial for users to ensure they are using legitimate applications from trusted sources.

Read Original

A security researcher has discovered a vulnerability in WhatsApp that allows users to bypass the app's 'View Once' feature, which is designed to make images and videos disappear after being viewed. This issue arises from the use of a modified client application, and Meta, the parent company of WhatsApp, has stated it will not release a patch for this vulnerability. The decision not to address the flaw raises concerns about user privacy, as it undermines the security feature intended to protect sensitive media. Users who rely on this feature for confidential communications may be at risk of having their private content saved and shared without consent. The vulnerability's existence highlights the potential for modified applications to exploit weaknesses in popular messaging platforms.

Read Original

The ongoing conflict in Iran is expected to extend, leading to an increase in cyber threats and potential disruptions in energy supply across the region. Companies operating in the Middle East may face heightened risks as tensions escalate. Cybersecurity experts are warning that this situation could result in more frequent and severe cyberattacks aimed at critical infrastructure and private enterprises. The implications of such attacks could be wide-ranging, impacting not just local businesses but also global markets and energy prices. Stakeholders in the region are advised to bolster their cybersecurity measures to mitigate potential risks.

Read Original

Meta has taken significant action against scam operations by disabling over 150,000 accounts linked to scam centers in Asia. This initiative is part of a broader effort to combat online fraud, which has increasingly targeted users on social media platforms. By disrupting these centers, Meta aims to protect its users from scams that can lead to financial loss and identity theft. The company also launched new protection tools to enhance user safety and prevent future scams. This response reflects the growing challenge of online scams and the need for tech companies to actively safeguard their platforms.

Read Original
Page 1 of 2Next