The following are some of the key cybersecurity and cyberwar topics we are following:
Facebook Gave Data Access to Chinese Firm Flagged by U.S. Intelligence
The social media giant is in trouble again for sharing sensitive user data with Chinese smartphone makers. The US authorities have found that Facebook has had data-sharing partnerships with Huawei, Lenovo, Oppo, and TCL since at least 2010. Facebook has acknowledged the findings had has said that it will wind down the Huawei deal by the end of the week. However, the latest findings are going to hit the social media giant where it hurts after it seemed to be recovering from the Cambridge Analytica data breach scandal. Read the full story on New York Times. CTOvision recommends you do yourself and all the contacts in your address book and all your facebook connections a favor and delete the Facebook app from your phone, tablet and any other mobile device. Delete messenger too. If you need access to Facebook while on the go use the web version on your device. We also recommend you advise all your friends and family to do the same. It will do little to ensure the data compromised will not be mis used, but might slow down future compromises.
Amazon will stop selling connected toy filled with security issues
Amazon has discontinued selling CloudPets toys on its ecommerce platform after researchers found new vulnerabilities in the smart toy being sold by CloudPets. For those who remember, CloudPets’ database was hacked by unknown hackers just after Walmart and Target data breach was announced. Amazon is taking no chances with the hacking risks associated to the smart toys and has stopped selling them on its platform. Source: CNET. CTOvision comment: If stores don’t sell devices with vulnerabilities that would be a very good thing. But hypothetically will there ever be a computerized device without a vulnerability?
Job application tool PageUp suspects data breach
World’s leading job application tool provider has said that it suspects hackers could have breached its servers and accessed user information. PageUp’s software is used for recruitment, but also salary information, bank details, tax numbers and other sensitive personal data and is pretty sensitive. Its high profile clients include supermarket Aldi, Clydesdale Bank and chocolate-maker Lindt. Read more about the PageUp data breach on BBC.
Apple’s new privacy rules put Google and Facebook in a ‘precarious place,’ says ad industry exec
Apple is offering its users more security options in Safari including tracking prevention features by limiting both “fingerprinting” of devices and user tracking through comment, share, and like buttons. Apple said that the new Safari features would let its users control who gets their personal information online, including limiting data tracking across websites. Apple’s new user control options with Safari puts the top browser maker, Google in a precarious situation with its Chrome browser as users will be expecting similar controls. Read Michelle Castillo’s article on CNBC.
Hacker Stole 26 Million Email And Home Addresses Of Ticketfly Users
The online ticketing service, Ticketfly is offline for the past five days because it was hacked and the hackers have access to over 26 million user accounts. According to Troy Hunt, hackers have stolen 26 million email addresses of users, along with home and billing addresses as well as phone numbers. Hunt analyzed the databases and found 26,151,608 unique email addresses. The databases did not include passwords nor credit card details. But for most users, they did include their home and billing address and phone numbers. Read more about the Ticketfly data breach on Motherboard. Comment: This is not the only big breach, we report on them all the time at ThreatBrief.com, but even in this age of endless breaches, 26 million emails and home addresses and phone numbers is significant. These days we all have to be ready to have our information breached, again, from any place that collects our info. That includes our employeers. For some reading there see: Nearly half of all enterprises were hacked in the last 12 months