Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
WSJ Report: Facebook Breach the Work of Spammers, Not Nation-State Actors
Newest First  |  Oldest First  |  Threaded View
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
10/23/2018 | 4:16:58 PM
Why not nation-state spammers?
> The recent Facebook breach that hit 30 million accounts was caused by spammers — not by a nation-state attack group 

...



> The reason the spammers want the information, according to Wired, has to do with the quality of phishing message that can be built with the granular data discovered in this breach. Whether the scammer is attempting to blackmail the user or just write a compelling spearphishing message, more data equals better results.




 

So... Can't it be both?
MelissaCombs
50%
50%
MelissaCombs,
User Rank: Apprentice
10/22/2018 | 3:49:58 AM
Re: Pending Review
great
izmirtabela
50%
50%
izmirtabela,
User Rank: Apprentice
10/20/2018 | 9:23:17 AM
izmir tabela
facebook is big spammer arround the world so much fake accounts


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-40684
PUBLISHED: 2021-09-22
Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R2021-09, 7.1.1-R2021-09, has an unauthenticated Jolokia HTTP endpoint which allows remote access to the JMX of the runtime container, which would allow an attacker the ability to read or modify the container or software running in...
CVE-2021-37860
PUBLISHED: 2021-09-22
Mattermost 5.38 and earlier fails to sufficiently sanitize clipboard contents, which allows a user-assisted attacker to inject arbitrary web script in product deployments that explicitly disable the default CSP.
CVE-2019-6288
PUBLISHED: 2021-09-22
Edgecore ECS2020 Firmware 1.0.0.0 devices allow Unauthenticated Command Injection via the command1 HTTP header to the /EXCU_SHELL URI.
CVE-2021-41011
PUBLISHED: 2021-09-22
LINE client for iOS before 11.15.0 might expose authentication information for a certain service to external entities under certain conditions. This is usually impossible, but in combination with a server-side bug, attackers could get this information.
CVE-2021-40875
PUBLISHED: 2021-09-22
Improper Access Control in Gurock TestRail versions < 7.2.0.3014 resulted in sensitive information exposure. A threat actor can access the /files.md5 file on the client side of a Gurock TestRail application, disclosing a full list of application files and the corresponding file paths. The corresp...