Showing posts with label Data Leak. Show all posts

Facebook CEO Mark Zuckerberg Admits It is "Breach of Trust" on Cambridge Analytica Scandal



Facebook, the biggest social media platform, is involved in the Cambridge Analytica breach. Facebook currently has 2 billion monthly active users.


Who is Cambridge Analytica (CA)?

Cambridge Analytica is a privately held company that combines data mining, data brokerage, and data analysis with strategic communication for the electoral process. It was founded in 2013.

In 2015, it became known as the data analysis company working initially for Ted Cruz's presidential campaign. In 2016, CA worked for Donald Trump's presidential campaign and on the Leave.EU campaign for the United Kingdom's withdrawal from the European Union.

What is the Cambridge Analytica Data Scandal?

On 17 March 2018, The New York Times and The Observer reported on Cambridge Analytica's use of personal information acquired from Facebook, without users' permission, by an external researcher who claimed to be collecting it for academic purposes. In response, Facebook banned Cambridge Analytica from advertising on its platform.

The Guardian further reported that Facebook had known about this security breach for two years but had done nothing to protect its users.

Mark Zuckerberg addressed it in a Facebook post:

"I want to share an update on the Cambridge Analytica situation -- including the steps we've already taken and our next steps to address this important issue.

We have a responsibility to protect your data, and if we can't then we don't deserve to serve you. I've been working to understand exactly what happened and how to make sure this doesn't happen again. The good news is that the most important actions to prevent this from happening again today we have already taken years ago. But we also made mistakes, there's more to do, and we need to step up and do it.

Here's a timeline of the events:

In 2007, we launched the Facebook Platform with the vision that more apps should be social. Your calendar should be able to show your friends' birthdays, your maps should show where your friends live, and your address book should show their pictures. To do this, we enabled people to log into apps and share who their friends were and some information about them.

In 2013, a Cambridge University researcher named Aleksandr Kogan created a personality quiz app. It was installed by around 300,000 people who shared their data as well as some of their friends' data. Given the way our platform worked at the time this meant Kogan was able to access tens of millions of their friends' data.

In 2014, to prevent abusive apps, we announced that we were changing the entire platform to dramatically limit the data apps could access. Most importantly, apps like Kogan's could no longer ask for data about a person's friends unless their friends had also authorized the app. We also required developers to get approval from us before they could request any sensitive data from people. These actions would prevent any app like Kogan's from being able to access so much data today.

In 2015, we learned from journalists at The Guardian that Kogan had shared data from his app with Cambridge Analytica. It is against our policies for developers to share data without people's consent, so we immediately banned Kogan's app from our platform, and demanded that Kogan and Cambridge Analytica formally certify that they had deleted all improperly acquired data. They provided these certifications.

Last week, we learned from The Guardian, The New York Times and Channel 4 that Cambridge Analytica may not have deleted the data as they had certified. We immediately banned them from using any of our services. Cambridge Analytica claims they have already deleted the data and has agreed to a forensic audit by a firm we hired to confirm this. We're also working with regulators as they investigate what happened.

This was a breach of trust between Kogan, Cambridge Analytica and Facebook. But it was also a breach of trust between Facebook and the people who share their data with us and expect us to protect it. We need to fix that.

In this case, we already took the most important steps a few years ago in 2014 to prevent bad actors from accessing people's information in this way. But there's more we need to do and I'll outline those steps here:

First, we will investigate all apps that had access to large amounts of information before we changed our platform to dramatically reduce data access in 2014, and we will conduct a full audit of any app with suspicious activity. We will ban any developer from our platform that does not agree to a thorough audit. And if we find developers that misused personally identifiable information, we will ban them and tell everyone affected by those apps. That includes people whose data Kogan misused here as well.

Second, we will restrict developers' data access even further to prevent other kinds of abuse. For example, we will remove developers' access to your data if you haven't used their app in 3 months. We will reduce the data you give an app when you sign in -- to only your name, profile photo, and email address. We'll require developers to not only get approval but also sign a contract in order to ask anyone for access to their posts or other private data. And we'll have more changes to share in the next few days.

Third, we want to make sure you understand which apps you've allowed to access your data. In the next month, we will show everyone a tool at the top of your News Feed with the apps you've used and an easy way to revoke those apps' permissions to your data. We already have a tool to do this in your privacy settings, and now we will put this tool at the top of your News Feed to make sure everyone sees it.

Beyond the steps we had already taken in 2014, I believe these are the next steps we must take to continue to secure our platform.

I started Facebook, and at the end of the day I'm responsible for what happens on our platform. I'm serious about doing what it takes to protect our community. While this specific issue involving Cambridge Analytica should no longer happen with new apps today, that doesn't change what happened in the past. We will learn from this experience to secure our platform further and make our community safer for everyone going forward.

I want to thank all of you who continue to believe in our mission and work to build this community together. I know it takes longer to fix all these issues than we'd like, but I promise you we'll work through this and build a better service over the long term."


Zuckerberg also gave an interview to CNN:

"Security isn't a problem that you ever fully solve," Zuckerberg told Segall on Wednesday night. "We're going to be working on this forever, as long as this community remains an important thing in the world."

India shuts down the local website of Cambridge Analytica.

Ravi Shankar Prasad, Information Technology Minister of India, said on Twitter (@rsprasad):
"We welcome the fact that Facebook has one of the highest number of users from India but if any theft of data of Indians takes place in collusion with other companies for manipulation of democratic processes then that will not be tolerated."

Facebook shares have been going down since Zuckerberg confirmed the data breach.


Game of Thrones Social Media Accounts Gets Hacked Just After Its Latest Episode Leak



The official Game of Thrones Twitter and Facebook accounts have been hacked. The hacker group OurMine tweeted from the official Game of Thrones Twitter account:


Hi, OurMine are here, we are just testing your security, HBO team please contact us to upgrade the security.



  • OurMine is one of the most notorious hacking groups from Saudi Arabia. It previously hacked the social media accounts of top companies and business figures, including Twitter CEO Jack Dorsey, Facebook CEO Mark Zuckerberg, Google CEO Sundar Pichai, Wikipedia co-founder Jimmy Wales and many more.

HBO had been going through a tough time even before this OurMine hack took place. Earlier, HBO itself accidentally leaked Game of Thrones Episode 6.

Last month we reported that Game of Thrones scripts had been hacked; the hackers claimed to have obtained 1.3 terabytes (TB) of data stolen from the company. Upcoming episodes of Ballers and Room 104 have apparently been hacked as well, and the hacker group was also demanding a ransom of approximately $6 million in Bitcoin.

WikiLeaks Vault 7 New CIA Exploit Tool For Mac OS And Linux Published

This series is made up of three hacking exploits: Achilles, SeaPea and Aeris.

WikiLeaks published two new exploit tools for the Mac and Linux operating systems under the codename Imperial, a CIA project. They target Macs, Debian, Red Hat, Solaris, FreeBSD and CentOS.

WikiLeaks published documents from the 'Imperial' project of the CIA.

Achilles is a capability that provides an operator the ability to trojan an OS X disk image (.dmg) installer with one or more desired operator specified executables for a one-time execution.

Aeris is an automated implant written in C that supports a number of POSIX-based systems (Debian, RHEL, Solaris, FreeBSD, CentOS). It supports automated file exfiltration, configurable beacon interval and jitter, standalone and Collide-based HTTPS LP support and SMTP protocol support - all with TLS encrypted communications with mutual authentication. It is compatible with the NOD Cryptographic Specification and provides structured command and control that is similar to that used by several Windows implants.

SeaPea is an OS X Rootkit that provides stealth and tool launching capabilities. It hides files/directories, socket connections and/or processes. It runs on Mac OSX 10.6 and 10.7.

Previous #Vault7 Leaks

UCL / Raytheon:  Raytheon Blackbird Technologies acted as a kind of "technology scout" for the Remote Development Branch (RDB) of the CIA by analysing malware attacks in the wild and giving recommendations to the CIA development teams for further investigation and PoC development for their own malware projects.



HighRise: HighRise is an Android application designed for mobile devices running Android 4.0 to 4.3. It provides a redirector function for SMS messaging that could be used by a number of IOC tools that use SMS messages for communication between implants and listening posts. HighRise acts as a SMS proxy that provides greater separation between devices in the field ("targets") and the listening post (LP) by proxying "incoming" and "outgoing" SMS messages to an internet LP. Highrise provides a communications channel between the HighRise field operator and the LP with a TLS/SSL secured internet communication.

Source Code For SLocker Android Ransomware That Mimics WannaCry Leaked Online

Bad news for Android users: source code for one of the oldest and most popular Android ransomware families has been leaked online, making it available to cyber criminals who can use it to develop more customised and advanced variants of Android ransomware.

Source code for the SLocker ransomware, which saw a six-fold increase in the number of new versions over the past six months, has just been leaked on GitHub and is now available to anyone who wants it.

The SLocker source code has been leaked by a user who uses 'fs0c1ety' as an online moniker and is urging all GitHub users to contribute to the code and submit bug reports.

SLocker, or Simple Locker, is mobile lock-screen and file-encrypting ransomware that encrypts files on the phone and uses Tor for command and control (C&C) communication. The malware has also posed as law enforcement agencies to convince victims to pay the ransom.

SLocker became famous for infecting thousands of Android devices in 2016. Security researchers discovered more than 400 new variants of the ransomware in the wild in May, and just a month later, it was spotted copying the GUI of WannaCry.

Once it has infected a device, SLocker runs silently in the background without the victim's knowledge or consent and encrypts images, documents and videos on the device.

Once it has encrypted files on the device, the Android ransomware hijacks the phone, blocking the user's access completely, and attempts to threaten the victim into paying a ransom to unlock it.

Why Should You Worry?


In action since 2015, SLocker stands out as one of the first ransomware samples to encrypt Android files. The malware has evolved beyond just locking screens and demanding payment to taking over administrative rights and controlling the device's microphone, speakers, and camera.

And now since the source code of this nasty Android ransomware has been released online on GitHub, Android devices are most likely to receive an increasing number of ransomware attacks in upcoming days.

The leaked source code would be a golden opportunity for those who always look for such opportunities as these kinds of malware programs are only offered for sale in underground forums, but SLocker is now accessible to cybercriminals and fraudsters for FREE.

Earlier this year, researchers discovered a variant of BankBot banking trojan in the wild which was developed using the leaked source code for the malware on an underground hacking forum.

Last year, the source code for the MazarBot (improved version of GM Bot) was also leaked online by its author in order to gain reputation on an underground forum.

How to Protect Yourself?


As I previously mentioned, users are always advised to follow some basic precautions in order to protect themselves against such threats:

  • Never open email attachments from unknown sources.
  • Never click on links in SMS or MMS messages.
  • Even if the email looks legit from some company, go directly to the source website and verify any possible updates.
  • Go to Settings → Security, and Turn OFF "Allow installation of apps from sources other than the Play Store."
  • Always keep your Android devices, apps and Antivirus app up-to-date.
  • Avoid unknown and unsecured Wi-Fi hotspots and keep Wi-Fi switched off when not in use.

WikiLeaks Reveals CIA Teams Up With Tech to Collect Ideas For Malware Development

As part of its ongoing Vault 7 leaks, the whistleblower organisation WikiLeaks today revealed details about a CIA contractor responsible for analysing advanced malware and hacking techniques being used in the wild by cyber criminals.

According to the documents leaked by WikiLeaks, Raytheon Blackbird Technologies, the Central Intelligence Agency (CIA) contractor, submitted nearly five such reports to the CIA as part of the UMBRAGE Component Library (UCL) project between November 2014 and September 2015.

These reports contain brief analyses of proof-of-concept ideas and malware attack vectors, both publicly presented by security researchers and secretly developed by cyber espionage hacking groups.

Reports submitted by Raytheon were allegedly helping the CIA's Remote Development Branch (RDB) to collect ideas for developing their own advanced malware projects.

Previous Vault 7 leaks also revealed that the CIA's UMBRAGE malware development teams borrow code from publicly available malware samples to build their own spyware tools.

Here's the list and brief information of each report:


Report 1 — Raytheon analysts detailed a variant of the HTTPBrowser Remote Access Tool (RAT), which was probably developed in 2015.

The RAT, which is designed to capture keystrokes from the targeted systems, was being used by a Chinese cyber espionage APT group called 'Emissary Panda.'

Report 2 — This document details a variant of the NfLog Remote Access Tool (RAT), also known as IsSpace, which was being used by Samurai Panda, identified as another Chinese hacking group.

Equipped with Adobe Flash zero-day exploit CVE-2015-5122 (leaked in Hacking Team dump) and UAC bypass technique, this malware was also able to sniff or enumerate proxy credentials to bypass Windows Firewall.

Report 3 — This report contains details about "Regin" -- a very sophisticated malware sample that has been spotted in operation since 2013 and is mainly designed for surveillance and data collection.

Regin is a cyber espionage tool, which is said to be more sophisticated than both Stuxnet and Duqu and is believed to be developed by the US intelligence agency NSA.

The malware uses a modular approach that allows an operator to enable customised spying. Regin's design makes the malware highly suited for persistent, long-term mass surveillance operations against targets.

Report 4 — It details a suspected Russian State-sponsored malware sample called "HammerToss," which was discovered in early 2015 and suspected of being operational since late 2014.

What makes HammerToss interesting is its architecture, which leverages Twitter accounts, GitHub accounts, compromised websites, and Cloud-storage to orchestrate command-and-control functions to execute the commands on the targeted systems.

Report 5 — This document details the self-code injection and API hooking methods of information stealing Trojan called "Gamker."

Gamker uses simple decryption, then drops a copy of itself using a random filename and injects itself into a different process. The trojan also exhibits other typical trojan behaviours.

Previous Vault 7 CIA Leaks


Last week, WikiLeaks revealed the CIA's Highrise project, which allowed the spying agency to stealthily collect and forward stolen data from compromised smartphones to its server through SMS messages.

Since March, the whistle-blowing group has published 17 batches of the "Vault 7" series, which include the latest and last week's leaks, along with the following batches:


  • BothanSpy and Gyrfalcon — two alleged CIA implants that allowed the spying agency to intercept and exfiltrate SSH credentials from targeted Windows and Linux operating systems using different attack vectors.
  • OutlawCountry – An alleged CIA project that allowed it to hack and remotely spy on computers running the Linux operating systems.
  • ELSA – the alleged CIA malware that tracks geo-location of targeted PCs and laptops running the Microsoft Windows operating system.
  • Brutal Kangaroo – A tool suite for Microsoft Windows used by the agency to target closed networks or air-gapped computers within an organisation or enterprise without requiring any direct access.
  • Cherry Blossom – An agency's framework, basically a remotely controllable firmware-based implant, used for monitoring the Internet activity of the targeted systems by exploiting vulnerabilities in Wi-Fi devices.
  • Pandemic – A CIA's project that allowed the agency to turn Windows file servers into covert attack machines that can silently infect other computers of interest inside a targeted network.
  • Athena – A CIA's spyware framework that has been designed to take full control over the infected Windows PCs remotely, and works against every version of Microsoft's Windows operating systems, from Windows XP to Windows 10.
  • AfterMidnight and Assassin – Two alleged CIA malware frameworks for the Microsoft Windows platform that have been designed to monitor and report back actions on the infected remote host computer and execute malicious actions.
  • Scribbles – A piece of software allegedly designed to embed 'web beacons' into confidential documents, allowing the spying agency to track insiders and whistleblowers.
  • Grasshopper – Framework that allowed the spying agency to easily create custom malware for breaking into Microsoft's Windows and bypassing antivirus protection.
  • Marble – Source code of a secret anti-forensic framework, basically an obfuscator or a packer used by the CIA to hide the actual source of its malware.
  • Dark Matter – Hacking exploits the agency designed to target iPhones and Macs.
  • Weeping Angel – Spying tool used by the agency to infiltrate smart TVs, transforming them into covert microphones.
  • Year Zero – Alleged CIA hacking exploits for popular hardware and software.

Ashley Madison to Pay $11.2 Million to Data Breach Victims

Ashley Madison, the prominent American dating website that helps people cheat on their spouses and that was hacked, has agreed to an $11.2 Million settlement for roughly 37 million users whose personal details were exposed in a massive data breach two years ago.


Though the parent company of Ashley Madison, Ruby Corp., denies any wrongdoing, the company has pledged to pay around $3,500 to each of the hack's victims for the settlement.
The settlement has to be reviewed by a federal judge in St. Louis.

Ashley Madison marketed itself as a means to help people cheat on their spouses, with a tagline "Life is short. Have an affair."

The site was breached in July 2015 and hackers dumped nearly 100 gigabytes' worth of sensitive data belonging to 37 million users of the casual sex and marriage affair website onto the dark web.

The leaked data included victims' usernames, first and last names, email addresses, passwords, credit card data information, street names, phone numbers, and transactions records, which led to blackmails and even suicides.

The 2015 data breach cost Ruby Corp, formerly known as Avid Life, over a quarter of its revenue and forced the Toronto-based company to spend millions of dollars to boost security and user privacy.

Ruby Corp was already forced to pay $1.66 Million to settle charges from Federal Trade Commission (FTC) and 13 states, alleging that the service misled its consumers about its privacy policy and didn't do enough to protect their information.

Besides this, the company also agreed to 20 years' worth of the FTC overseeing its network security to ensure that its user data is being protected. This includes:

  • Performing a risk assessment to protect customer data.
  • Implementing new data security protocols.
  • Upgrading systems based on the assessments.
  • Offering periodic security risk assessment (both internal and third-party).
  • Requiring "reasonable safeguards" against any potential cyber attacks from their service providers.

Now, according to Reuters, the company has to pay $11.2 million to users who were affected by the breach – users with valid claims can get up to $3,500 depending on their losses attributable to the breach.
