Fake Madgicx Plus and SocialMetrics Extensions Are Hijacking Meta Business Accounts
Cybersecurity researchers have disclosed two new campaigns that are serving fake browser extensions using malicious ads and fake websites to steal sensitive data
Covers how social media can expose personal data, spread scams, enable account takeover, and provide channels for influence or abuse.
Search across headline titles and summaries.
Background for this topic.
Social media comprises online services where people and organizations publish content, communicate, and form networks. The term covers public posts, private messages, groups, live streams, advertising systems, and the APIs and third-party applications that process platform data.
For security teams, these platforms expose identity, relationship, and behavioral information that can support targeted phishing, impersonation, or social engineering. Compromised accounts may be used to distribute malicious links or fraud, while excessive sharing and poorly controlled integrations can expose personal or corporate data. Relevant controls include strong authentication, phishing-resistant account recovery, least-privilege access for connected applications, monitoring for brand and executive impersonation, and clear retention and privacy policies. Public posts and platform telemetry can also provide threat intelligence, but collection and use may be constrained by privacy obligations and applicable data-protection rules.
Cybersecurity researchers have disclosed two new campaigns that are serving fake browser extensions using malicious ads and fake websites to steal sensitive data
'The practice… has since been fixed,' Pentagon official tells The Reg The US Department of Defense, up until this week, routinely left its social media accounts wide open to hijackers via stream keys - unique, confidential identifiers generated by streaming platforms for broadcasting content. If exposed, these keys can allow attackers to output anything they want from someone else's channel.…
Meta shrugs off allegations of improper dismissal, ignoring privacy and security WhatsApp's former head of security, Attaullah Baig, has filed a lawsuit against its parent company, Meta, alleging that the social media megalith retaliated against him for reporting security failings that violated legal commitments.…