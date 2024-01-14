Summary

Meta, formerly known as Facebook, has introduced a new feature called link history that allows users to view their browsing history within Meta’s apps. While it may seem convenient, the real motive behind this feature is to collect data for targeted advertising. The company aims to boost its ad revenue after Apple and other tech giants implemented changes that limit the data collected on users. Users who wish to opt out of personalized ads based on their browsing habits can do so following the provided links.

Critical Vulnerabilities Pose Security Threats in the New Year

Security teams are facing a busy start to 2024 as critical vulnerabilities continue to emerge. Recent security fixes include patches for several newly-reported issues in Chrome. Google has addressed some of these issues in the latest stable channel release for Chrome Desktop. It is crucial for users to apply these patches promptly to safeguard their systems.

Other vulnerabilities have also been identified:

– Rockwell Automation FactoryTalk Activation Manager software v4.00 contains out-of-bounds write bugs that could grant attackers full system control.

– Unitronics Vision Series PLCs and HMIs are being shipped with default administrative passwords, posing a risk of active exploitation.

– Ivanti Endpoint manager 2022 and earlier versions are vulnerable to SQL injection, making them susceptible to attacks from individuals within the same network.

Additionally, new exploits have been detected in the wild, including a Chrome heap buffer overflow and a vulnerability in Spreadsheet::ParseExcel, a Perl module used for parsing Excel files.

Watch Out for Twitter Account Hijackings

Security incidents involving Twitter accounts have recently occurred. Mandiant, a Google-owned security firm, had its account briefly hijacked, promoting cryptocurrency scams. Similarly, web3 firm CertiK also fell victim to a group of hackers who attempted to trick their crypto-conscious followers.

The exact methods used for these hijackings remain unclear. However, it serves as a reminder for all users to ensure that two-factor authentication (2FA) is enabled and to take precautions to protect tokens from phishing or unauthorized access.

Nigerian Fraudster Arrested for Business Email Compromise

A Nigerian national has been arrested and awaits extradition to the US on charges of defrauding two American charities through a business email compromise scheme. Olusegun Samson Adejorin allegedly used a credential-stealing tool to obtain sensitive information from the charities. He then requested large sums of cash to be released from one charity’s bank account to another, taking advantage of their investment services agreement.

If convicted, Adejorin could face substantial penalties, including up to 20 years for wire fraud charges, multiple years for unauthorized computer access, and identity theft charges.

In conclusion, Meta’s introduction of the link history feature aims to further expand its data collection for targeted advertising. Users should be cautious about potential security vulnerabilities and take preventive measures to protect their online accounts. Law enforcement continues to crack down on business email compromise schemes, emphasizing the importance of cybersecurity in the digital age.