Cyber Security Tip & Tricks

Saturday, June 22, 2013

Facebook Security Breach 6M Users details exposed

Facebook said that a security breach caused it to inadvertently reveal the personal data of six million users including their phone numbers for the past year. Facebook says it uses this data so it can generate friend request recommendations.  It’s mystifying to explain how an entity as large and far reaching as Facebook could go a year without catching such a glaring breach. The bug, which was reported via Facebook’s crowd sourced, White Hat security researcher program, was a part of one of Facebook’s data download tools. Facebook introduced the tool, named “Download Your Information”, allows users to do just that: It provides a history of your Facebook data since you joined the network, including Timeline data, contact information, photos and videos.


This news could come as a shock to Facebook users who trusted the site's customized privacy settings. The social networking site landed up in controversy earlier this month when it revealed that 9,000 - 10,000 of its users' details were shared with the US authorities.  Facebook’s security team said in a blog post about the data breach on 21/06/13. "At Facebook, we take people’s privacy seriously, and we strive to protect people’s information to the very best of our ability. We implement many safeguards, hire the brightest engineers and train them to ensure we have only high-quality code behind the scenes of your Facebook experiences. We even have teams that focus exclusively on preventing and fixing privacy-related technical issues before they affect you. . . . . . . . . . . . . .. .
We have already notified our regulators in the US, Canada and Europe, and we are in the process of notifying affected users via email. We appreciate the security researcher's report to our White Hat program, and have paid out a bug bounty to thank him for his efforts."



Facebook did not specify time period for which the user details were exposed but said the bug was reported only 'recently'. It has alerted its six million users whose personal details were exposed besides sending out an apology via email.


Here is the full text of the apology email:
Dear....,
Your privacy is incredibly important to everyone who works at Facebook, and we're dedicated to protecting your information. While many of us focus our full-time jobs on preventing or fixing issues before they affect anyone, we recently fell short of our goal and a technical bug caused your telephone number or email address to be accessible by another person.
The bug was limited in scope and likely only allowed someone you already know outside of Facebook to see your email address or telephone number. That said, we let you down and we are taking this error very seriously.
Describing what caused the bug can get pretty technical, but we want to explain how it happened. When people upload their contact lists or address books to Facebook, we try to match that data with the contact information of other people on Facebook in order to generate friend recommendations. Because of the bug, the email addresses and phone numbers used to make friend recommendations and reduce the number of invitations we send were inadvertently stored in their account on Facebook, along with their uploaded contacts. As a result, if a person went to download an archive of their Facebook account through our Download Your Information (DYI) tool, which included their uploaded contacts, they may have been provided with additional email addresses or telephone numbers.
Here is your contact Information (inadvertently accessible by at most 1 Facebook user):
[Phone number]
[Email address 1]
[Email address 2]
We estimate that 1 Facebook user saw this additional contact info displayed next to your name in their downloaded copy of their account information. No other info about you was shown and it's likely that anyone who saw this is not a stranger to you, even if you're not friends on Facebook.
We recognize that mistakenly sharing contact info is unacceptable, even if you are acquainted with people who saw these details, and we've taken measures to prevent this from happening again. For more information on the bug, please read our blog post.
All of us at Facebook take this issue very personally. We appreciate your ongoing use of Facebook, and are working every day to deliver the level of service you expect and deserve.
Thank you,
The Facebook Team






Wednesday, June 12, 2013

McAfee Security Innovations Mobile Security App

 

McAfee® released its new security apps "Mobile Innovations" provides you with an opportunity to try out groundbreaking new features to protect your device not to stolen or lose. The application aims specifically to help users not lose or have their device stolen, protect your data vault and to check the safeness of QR Codes. 


The app does so by working with the fact that users often have more than one device, letting them link the devices together to alert the user whenever the devices are more than 30 feet apart at any time. The so-called "Smart Perimeter" feature will set off an alarm if the devices become separated and let you track down whichever one is out of your possession.


To get this application click here or below link.
 
McAfee


McAfee Security Innovations Features

Smart Perimeter - Carrying more than one mobile device? Afraid of forgetting or losing them? Link them together and you will be alerted when they are separated by more than 30ft. Smart Perimeter will activate an alarm to let you quickly identify and recover your device.



Safe QR Reader - Ensure the QR codes are safe for browsing
Data Vault - Protect your private photos, videos and documents from prying eyes, locally on your device.




McAfee Security Innovations Mobile Security App Video

Sunday, June 9, 2013

Dashlane Password Manager having Two-Factor Authentication


It is a fact that there's no way we can keep up separate and secure passwords for all our logins spread all over the Internet. Writing them all down on post-it notes is not a very good solution. 
Password Manager is the solution in front of us and there are certain key features we have to check before going for a Password Manager software. Check for encryption standards, authentication, secure password generation and smart autofill (a must while using on the small screen of a phone).



Dashlane, is one of the password managers who is having all the above features.  Now its took the wraps off of a major update, including two-factor authentication via Google Authenticator, a completely overhauled interface for all apps, and a wizard to help new users boost their security.  The free version of Dashlane works really well. Even the free desktop version (Windows and Mac OS) has plenty of features and configurable plug-ins for Chrome, Firefox and Safari. The app and the desktop program do everything you'd want or need from a password utility, all for free.  Premium version of Dashlane is also there for $20 a year and you can have unlimited devices synchronized through the service (the free version limits you to one mobile device). Give Dashlane a try and I'll sure that you find it suits for your needs.  Download: Dashlane Password Manager (Free).  

  • Dashlane recently introduced their brand new browser extension, complete with a customized password generator! (Currently available on Chrome, Firefox and Safari)
  • New Features: Find and launch your logins, customize your randomly generated passwords, auto-fill them in a single click, and easily access Dashlane tips & tricks from our new browser extension.
  •  Add length, special characters, and even make your randomly generated passwords pronounceable
  • Use the browser extension's strength indicator to make sure your passwords are lock-tight.
  • Compatibility with Chrome 25, with a tutorial on how to enable your browser extension.
  • Sign up to join our beta program from within the desktop app. Improved: Dashlane notifications and web cards have a new and improved look.
Dashlane is an award-winning service that revolutionizes the online experience by replacing the drudgery of everyday transactional processes with convenient, automated simplicity - in other words, letting you get to the good stuff faster. 

Express checkout: Buy in seconds anywhere, no typing required. Automatically fill out all checkout fields with one click. Store all the info you need to buy online in one secure, private place. 

Password manager: Your Dashlane password is the last one you'll ever need. Stop remembering passwords, let the app do that for you. Gauge security of your passwords and easily upgrade them. 

Only your Dashlane password can unlock your data and only you have it Automatic login. Sign in automatically to your favorite sites, without lifting a finger. Manage multiple accounts on the same site easily and quickly. Choose which sites you'd like to get into fast, and which you don't. Automatic form-filling: The smartest, most accurate form-filler you've ever seen. Instantly fill out any form with a single click. Manage multiple identities, addresses, payment info and more to fill out forms all kinds of forms. Secure and encrypted notes: Store your software license numbers, wi-fi passwords, gift list, ideas or anything you'd like. Super-safe and private, and accessible wherever you go. Keep your data secure and private: All data is AES-256 encrypted locally on your computer. The only way to access your data is with your master password, which only you have. Not even Dashlane can touch your data. You can remotely deactivate any device you've synced to your account in case of loss or theft. Multi-platform and synced to the cloud: Access your data wherever you are. Use it on Macs, PCs, at home, on your favorite browser, and your preferred smart phone and tablet. Dashlane goes everywhere you go, and nowhere else.

 

Recent Comments