Facebook

Pierluigi Paganini March 04, 2024
META hit with privacy complaints by EU consumer groups

This is my interview with TRT International on the Meta dispute with EU consumer groups, which are calling on the bloc to sanction the company EU consumer groups are calling on the bloc to sanction the company Meta – which owns Facebook, Instagram and WhatsApp – for allegedly breaching privacy rules. Earlier this week, Meta […]

Pierluigi Paganini February 29, 2024
Researchers found a zero-click Facebook account takeover

A critical vulnerability in Facebook could have allowed threat actors to hijack any Facebook account, researcher warns. Meta addressed a critical Facebook vulnerability that could have allowed attackers to take control of any account. The Nepalese researcher Samip Aryal described the flaw as a rate-limiting issue in a specific endpoint of Facebook’s password reset flow. […]

Pierluigi Paganini October 21, 2023
A threat actor is selling access to Facebook and Instagram’s Police Portal

A threat actor is selling access to Facebook and Instagram’s Police Portal used by law enforcement agencies to request data relating to users under investigation. Cyber security researcher Alon Gal, co-founder & CTO of Hudson Rock, first reported that a threat actor is selling access to Facebook and Instagram’s Police Portal. The portal allows law […]

Pierluigi Paganini August 02, 2023
Zero-day in Salesforce email services exploited in targeted Facebook phishing campaign

Experts spotted a spear-phishing Facebook campaign exploiting a zero-day vulnerability in Salesforce email services. Researchers from Guardio Labs uncovered a sophisticated phishing campaign exploiting a zero-day vulnerability in Salesforce email services and SMTP servers. The phishing campaigns are able to evade conventional detection methods by chaining the Salesforce vulnerability and legacy quirks in Facebook’s web […]

Pierluigi Paganini May 04, 2023
Facebook warns of a new information-stealing malware dubbed NodeStealer

Facebook discovered a new information-stealing malware, dubbed ‘NodeStealer,’ that is being distributed on Meta. NodeStealer is a new information-stealing malware distributed on Meta that allows stealing browser cookies to hijack accounts on multiple platforms, including Facebook, Gmail, and Outlook. The malware was first spotted in late January 2023 while targeting the browsers of Windows systems. It […]

Pierluigi Paganini May 03, 2023
Hackers are taking advantage of the interest in generative AI to install Malware

Threat actors are using the promise of generative AI like ChatGPT to deliver malware, Facebook parent Meta warned. Threat actors are taking advantage of the huge interest in generative AI like ChatGPT to trick victims into installing malware, Meta warns. The hackers attempt to trick victims into installing malicious apps and browser extensions on their […]

Pierluigi Paganini March 22, 2023
Rogue ChatGPT extension FakeGPT hijacked Facebook accounts

A tainted version of the legitimate ChatGPT extension for Chrome, designed to steal Facebook accounts, has thousands of downloads. Guardio’s security team uncovered a new variant of a malicious Chat-GPT Chrome Extension that was already downloaded by thousands a day. The version employed in a recent campaign is based on a legitimate open-source project, threat […]

Pierluigi Paganini January 30, 2023
Researcher received a $27,000 bounty for 2FA bypass bug in Facebook and Instagram

A researcher disclosed technical details of a two-factor authentication bypass vulnerability affecting Instagram and Facebook. The researcher Gtm Manoz received a $27,000 bug bounty for having reported a two-factor authentication bypass vulnerability affecting Instagram and Facebook. The flaw resides in a component used by the parent company Meta for confirming a phone number and email […]

Pierluigi Paganini January 24, 2023
Meta Platforms expands features for EE2E on Messenger App

Meta Platforms announced the implementation of more features into its end-to-end encrypted Messanger App. Meta Platforms started gradually expanding testing default end-to-end encryption for Messenger. The company announced that over the next few months, its users will continue to see some of their chats gradually being upgraded with end-to-end encryption.  “We will notify people in […]

Pierluigi Paganini December 27, 2022
Facebook (Meta) to settle Cambridge Analytica data leak for $725M

Facebook (Meta) has agreed to pay $725 million to settle the class-action lawsuit filed in 2018 over the Cambridge Analytica data leak. Facebook (Meta) has agreed to pay $725 million to settle a class-action lawsuit filed in 2018 over the Cambridge Analytica data leak. According to Reuters, the lawyers for the plaintiffs defined the proposed settlement as […]