Welcome to Defense in Brief, the Aptible team’s curated selection of the best security, compliance, and DevOps articles from around the Internet. We hope you enjoy!
In what appears to be Twitter’s first GDPR probe, the company is being investigated over its failure to provide information to users regarding its t.co link-shortening service.
Google decided it was not legally required to disclose that vulnerabilities in Google Plus exposed the data of up to 500,000 users. That decision raised eyebrows in light of an internal Google memo which stated that disclosure would invite regulatory scrutiny. As a result, Google decided to shut down its Google Plus service.
Three flaws allowed attackers to break into Facebook accounts–including Mark Zuckerberg’s–and possibly third-party apps that let users login with their Facebook credentials. The breach affected nearly 50 million user accounts and comes at a terrible time for Facebook, which is already facing scrutiny over how it handles user data (see below!).
Voice phishing scams are becoming both more prevalent and more sophisticated. So how do you avoid them? Unfortunately, the best method might be to just ignore calls from unknown numbers.
Researchers have discovered that Facebook is using the contact information that users enter for security purposes (and information users didn’t give it at all but that was entered by friends) for the purpose of targeting users with ads.
Aptible's Defense in Brief is a free security awareness update newsletter for modern, cloud-based teams. Once a month, you will receive a digest of interesting and useful articles on security, compliance, and DevOps. We cover topics like new attacks against web services, users and devices, new social engineering and phishing methods, data breaches, and legal, regulatory and political current events related to privacy and security.