Third-Party Apps – Page 2 – WindowsTechs.com

Third-party Facebook apps left people’s data publicly exposed, researchers say

Posted on April 3, 2019 by Joe Warminsky

Two separate exposures of sensitive information about Facebook users are the latest alarming discoveries by researchers at UpGuard. In both cases, the operators of third-party apps that connected to Facebook were storing data about people in Amazon Web Services S3 buckets configured for public access, said UpGuard, a Silicon Valley-based security company known for identifying misconfigured cloud services. One database originated with Mexico-based Cultura Colectiva, while the other was stored by the makers of an app called “At the Pool.” Both had been secured by Wednesday, UpGuard said. The Cultura Cultiva is the bigger of the two exposures, including 146 gigabytes of information about comments, likes, reactions, account names, Facebook IDs and more, UpGuard said. The “At the Pool” discovery, while not nearly as large, “contains plaintext (i.e. unprotected) Facebook passwords for 22,000 users,” UpGuard said. The company appears to have ceased operation in 2014, but this “should offer little consolation to the app’s end users whose […]

The post Third-party Facebook apps left people’s data publicly exposed, researchers say appeared first on CyberScoop.

Continue reading Third-party Facebook apps left people’s data publicly exposed, researchers say→

App Developers Left 540 Million Facebook Users’ Records on the Public Internet

Posted on April 3, 2019 by Joseph Cox

The exposures didn’t come from Facebook itself, but do show how data generated by one company can end up exposed thanks to another service. Continue reading App Developers Left 540 Million Facebook Users’ Records on the Public Internet→

Source Defense raises $10 million for website supply chain solution

Posted on September 26, 2018 by Zaid Shoorbajee

Source Defense, a startup that is promising a remedy for breaches caused by flawed third-party web applications, announced Wednesday that it raised $10 million in Series A funding. The Israeli company says that it provides a first-of-its-kind solution for preventing website supply chain attacks. The company’s product sits on a customer’s website and automatically monitors access and permissions of third-party apps that operate on it. The use of third-party code for web apps on websites has been a salient risk as of late. Several companies, including Newegg, British Airways and Ticketmaster UK, have fallen victim to card skimming schemes at the hands of the threat group Magecart in recent months. The group exploits vulnerable or compromised JavaScript code that companies place on their websites, intending to use it for things like chat clients and payment tools. Source Defense says that its solution is simple to implement — ironically, by having […]

The post Source Defense raises $10 million for website supply chain solution appeared first on Cyberscoop.

Continue reading Source Defense raises $10 million for website supply chain solution→

App developers are STILL allowed to read your Gmails

Posted on September 24, 2018 by Danny Bradbury

Google is still allowing third-party developers access to access its users’ Gmail data, it said in a letter to Senators last week. Continue reading App developers are STILL allowed to read your Gmails→

Why You Should Do Your Homework Before Investing in Enterprise Blockchains

Posted on August 7, 2018 by Brett Valentine

Organizations looking to invest in enterprise blockchains to unify and secure transactions and data records should do their homework before trusting a vendor with their most sensitive information.

The post Why You Should Do Your Homework Before Investing in Enterprise Blockchains appeared first on Security Intelligence.

Continue reading Why You Should Do Your Homework Before Investing in Enterprise Blockchains→

Someone else is reading your Gmails

Posted on July 4, 2018 by Danny Bradbury

Remember when privacy advocates used to worry about Google scanning your email? Well now, they have another problem on their hands: real people reading them. Continue reading Someone else is reading your Gmails→

Why Privileged Access Management Is Key to Preventing Insider Threats

Posted on June 20, 2018 by Sue Poremba

To protect their networks from insider threats, security teams need greater visibility into privileged accounts held by both employees and third-party vendors.

The post Why Privileged Access Management Is Key to Preventing Insider Threats appeared first on Security Intelligence.

Continue reading Why Privileged Access Management Is Key to Preventing Insider Threats→

The post Five Key IT Security Best Practices to Safeguard Your Expanding Business appeared first on Security Intelligence.

Continue reading Five Key IT Security Best Practices to Safeguard Your Expanding Business→

Category Archives: Third-Party Apps

App Developers Left 540 Million Facebook Users’ Records on the Public Internet

Source Defense raises $10 million for website supply chain solution

App developers are STILL allowed to read your Gmails

Why You Should Do Your Homework Before Investing in Enterprise Blockchains

Someone else is reading your Gmails

Why Privileged Access Management Is Key to Preventing Insider Threats

Podcast: How Millions of Apps Leak Private Data

Mark Zuckerberg: ‘It Was My Mistake’ Facebook Compromised Data of 87 Million Users

Five Key IT Security Best Practices to Safeguard Your Expanding Business