Cyber Bites

A bug exposed photos from up to 6.8 million users using third-party apps, . The exposed photos include those that users never finished sharing to the site, Facebook said. The disclosure is one of the company has grappled with over the past year. In March, reports from and shed light on how Cambridge Analytica used data on Facebook users to influence the 2016 U.S. presidential election. In September, it announced a that affected up to...

Two days after Cisco patched a severe vulnerability in a popular brand of SOHO routers, and one day after the publication of proof-of-concept code, hackers have started scans and attacks exploiting the said security bug to take over unpatched devices. The vulnerability, tracked as CVE-2019-1663, was of note when it came out on February 27 because it received a severity score from the Cisco team of 9.8 out of a maximum of 10. Source: ZDNet

North Korean hackers who have targeted American and European businesses for 18 months kept up their attacks last week even as President Trump was meeting with North Korea’s leader in Hanoi. The attacks, which include efforts to hack into banks, utilities and oil and gas companies, began in 2017, according to researchers at the cybersecurity company McAfee, a time when tensions between North Korea and the United States were flaring. But even though both sides...

More than 3,000 GPs are at risk of breaching data protection laws if they sign up to a new way of sharing childhood vaccination data, the BMA has warned. The new extraction system, which shares immunisation data between GP systems and the Child Health Information Service (CHIS), could be sharing more data than the law allows. The new system uses a process that copies, transfers and stores the whole GP database, rather than the minimal...

18 MongoDB databases with information generated by accounts on several online social services in China have been sitting on the web ready for plucking by anyone knowing where to look. It appears that they are part of a country-wide surveillance program that collects profile-related data (names, ID numbers, and photos) along with GPS locations, network info, public and private conversations, and file exchanges. Source: Bleeping Computer

Public cloud adoption is growing by double-digit percentages year over year, and the public cloud market is expected to exceed $220 billion by the end of 2019, according to Gartner. However, the survey findings from Dimensional Research reveal that IT teams are often siloed and do not agree on who is responsible for the deployment and ongoing management of the public cloud network. Source: Help Net Security

A detailed analysis of code and data from a command-and-control server responsible for the management of the operations, tools and tradecraft behind the Operation Sharpshooter campaign has revealed evidence that this global cyber espionage campaign is more extensive in complexity, scope and duration of operations.  The analysis led to identification of multiple previously unknown command-and-control centers, and suggest that Sharpshooter began as early as September 2017, targeted a broader set of organizations, in more industries...

YouTube has blocked comments on videos featuring children which “could be at risk of attracting predatory behaviour". The site has moved to disable comments on tens of millions of videos this week after a user discovered a “wormhole into a soft-core paedophilia ring " on the video sharing website. It said that in future it would disable comments on all videos of "young minors". US-based YouTube user Matt Watson said he had found instances of commenters targeting videos of...

Police in England and Wales recorded 1,944 incidents of sexual communication with children in the six months to September 2018, the NSPCC said. Instagram was used in 32% of the 1,317 cases where a method was recorded, Facebook in 23% and Snapchat in 14%. Instagram and Facebook said they "aggressively" fought grooming, while Snapchat said it was "unacceptable". Following pressure from campaigners, sexual communication with a child became an offence in April 2017. Source: Reuters

U.S Secretary of State Mike Pompeo said on Friday that the world should be “eyes wide open” about the risks of using Chinese technology, and that there could be problems for American firms operating in certain places where Huawei equipment was deployed. Pompeo was asked during a visit to Manila about the prospect of the Philippines using Huawei 5G technology in future as it seeks to modernise outdated telecoms infrastructure. Source: Reuters