40 million more “likely” affected. If you were born in the late 80s, you probably know the meaning of AFK. Otherwise, not only do you likely have no clue what it is, but chances are that you never logged out of your account. And that was perfectly fine. Until today, when almost 90 million users found themselves logged out of Facebook hours ago as a precaution against what appears to be the worst privacy blunder of the social network to date. And, yes, we’ve heard of Cambridge Analytica and the rest of the stories. The story, frame by frame. As per Facebook’s announcement, almost 50 million accounts have been compromised through a daisy-chained vulnerability in the View As feature, which allowed an unknown party to snatch authentication tokens of these 50 million users. These authentication tokens allow you to stay logged into the account whenever you refresh the browser page, reboot the computer or put it to sleep. As long as you have the token, you are granted access to your accou..
Locating the right person for a job offer or a sales pitch often entails recruitment firms, lead generation services or other specialized vendors. But a San Francisco startup named Findera is launching this week what it sees as a simpler and cheaper solution for finding leads: a free vertical search engine optimized for business professionals. The company claims it is the first search engine designed for that purpose. Findera’s funders include Yahoo co-founder Jerry Yang and Salesforce and Visa board member Maynard Webb. How it works. The search engine is designed so that users can launch a single structured search with multiple attributes in addition to keywords, including name, location, position, department, time in a position, company name and size, revenue and other factors. The results can be saved to lists or exported to spreadsheets, and names can be bookmarked. This enables searches like “VP of marketing” among companies with greater than $50 millio..
Facebook announced on Friday it had discovered a security breach affecting almost 50 million user accounts. The company says attackers exploited a vulnerability within the “View As” feature — a setting that lets users see what their profile looks like to other users. Currently Facebook doesn’t know if the attackers have misused the hacked accounts or accessed any information. The Security Breach. On September 25, Facebook’s engineering team discovered a security vulnerability in the app’s “View As” feature that resulted in 50 million user accounts being breached. According to Facebook’s announcement, the attackers were able to steal Facebook access tokens from code attached to the “View As” feature, and leverage the tokens to take over user accounts. (Access tokens are the digital keys that allow users to remain logged in without having to enter their password every time they access their account.) From Facebook’s announcement: This attack exploited the complex interaction of multip..
Like some physicist discovering the hidden nature of marketing, Scott Brinker recently unveiled his own theory of the relativity of opposing forces. In preparation for our MarTech Conference next week in Boston, where HubSpot VP Brinker is conference chair, he posted last month a thought piece on “The 4 Forces of Marketing Operations & Technology.” As marketers face rapid change, he said, there are two sets of opposing forces that must be balanced: Don’t these two sets of competing forces, I recently asked Brinker, affect virtually every dynamic system, whether marketing, politics or the stock market? Or is there something intrinsic to marketing that creates this perpetual balancing act? Centralization to make decentralization possible. It may exist broadly across all kinds of systems, he replied, but it’s particularly endemic to the field of marketing. And it’s a push/pull, not an either/or. “You centralize the right things,” he said, “and then it makes greater decentralization ..
A Taiwanese bug hunter says that he will livestream his attempt to delete Mark Zuckerberg’s Facebook page this weekend. Chang Chi-yuan is something of a minor celebrity in Taiwan, having regularly publicised security holes in online services, and even appeared on TV talk shows describing how boredom has driven him to “dabble” in hunting for bugs in the hope of earning cash through bounties. His past activities have seen him recognised, for instance, on the “Hall of fame” page of Japan’s popular Line messaging service. But perhaps Chang Chi-yuan became most notorious when he was reportedly sued for hacking into a Taiwanese bus operator and buying a ticket for just one Taiwanese dollar (equivalent to a mere US $0.03). Perhaps unsurprisingly, the bus company was not amused. More recently Chang has claimed to have found a loophole in Apple Pay that allowed him to buy 500 iPhones for just one Taiwanese dollar. The method Chang might use to erase Mark Zuckerberg’s Facebook page hasn..
Only in an industry like digital advertising would the ability to show most of the ad for at least one second be considered a feature. Ad platform 33Across has decided that viewability should instead be a standard, so it has launched AttentionX, which it describes as the first open ad exchange containing only viewable ad inventory. “Human [viewers] and viewable [inventory] must be the foundation for programmatic buying,” CEO Eric Wheeler said in a statement. Viewable versus non-viewable. The inventory on most open exchanges, according to his company, can be 50 to 70 percent non-viewable. Higher levels of viewability can exist on a private marketplace, Wheeler told me, but that requires custom arrangements and viewability guarantees. In 2015, 33Across announced a 100 percent viewability guarantee, where non-viewable ads would be refunded to the advertiser. But Wheeler pointed out that his company was then supplying other exchanges with its inventory and its gu..
Two New York City-based companies are — separately — making available their internal marketing data: Parse.ly is unveiling its “attention map” of Net topics, and Notablist is detailing the tech stacks behind brands’ emails. About the Currents platform. Parse.ly’s new Currents attention platform is out in a free version and two premium levels. The company claims it is the first to provide an aggregated depiction of actual browser and app sessions of content and audience attention, without employing info from social media and search engines. The data is aggregated from the company’s Analytics core platform, which measures internet topics for individual brands. It assesses the interests of a billion people reading 8 million articles monthly across the 3,000 websites and several dozen apps owned by 400 media companies that are Parse.ly’s clients, with such groupings as story clusters, topics, categories, traffic sourc..
Women’s fashion retailer SHEIN has suffered a major security breach that has exposed the personal information and passwords of over six million customers. In a press statement, SHEIN reveals that it discovered on August 22 2018 that malicious hackers had compromised its computer network, and that between June and early August 2018 customer email addresses and “encrypted password credentials” had been stolen. According to the company, malware had opened backdoors on corporate servers through which the attackers had stolen data associated with approximately 6.42 million customers. What hasn’t been disclosed is how the malware came to be planted on SHEIN’s servers; the company says it is against its policy to discuss the specific details, but it does say that the security holes exploited by the hackers have now been closed. From the description, the attack against SHEIN does not appear to bear the hallmarks of the Magecart attacks which have impacted a number of sites in recent months, inc..
Ahead of Wednesday’s Senate hearing with top tech firms on the state of consumer data privacy, several pro-business groups have made their voices on the matter known. The latest is from the government itself. The National Telecommunications and Information Administration (NTIA) on Tuesday added an “unpublished notice” to the Federal Registry asking for public comment on the subject. The International Association of Privacy Professionals (IAPP) was the first to report the news. NTIA’s notice takes a pro-business tack, saying, “The time is ripe for this Administration to provide the leadership needed to ensure that the United States remains at the forefront of enabling innovation with strong privacy protections.” The NTIA made similar statements earlier this year when its administrator, David J. Redl, an assistant secretary of the US Department of Commerce, spoke about the administration’s concerns about data privacy laws like Europe’s General Data Protection Regulation (GDPR)...
If you want a discount on your next flight or hotel reservation, or maybe an upgrade to business class, you might try looking in unexpected places. Who would have thought frequent flyer miles could be purchased on the Dark Web? There’s a first time for everything and, yes, there is a black market for air miles – Dream Market, Olympus Market and Berlusconi Market. Aren’t drugs profitable anymore? Or maybe hackers are bored and trying to expand operations. Points can be reclaimed through gift cards, and identification is rarely required, which makes them very easy for criminals to use. In August, researchers from CompariTech came across a list on the marketplace and researched how much the points are actually worth. Rewards from more than a dozen airline programs, including Emirates Skywards, SkyMiles and Asia Miles, were on sale “at a fraction of the cost,” with prices based on Bitcoin or Monero. The minimum purchase is for 100,000 points at a fluctuating price of $884, the comp..