Pnuel Solutions
We put our best skills and experiences to complete your projects making it a first class lasting Work.
19/05/2020
Undoubtedly, COVID-19 has brought a global crisis and businesses have not been spared. It is therefore necessary we sharpen our sense of recognition to identify opportunities and learn requisite strategies needed to succeed in the new normal. This training promises to make you understand the *'HOW'* of business success during and beyond crisis. Register today by clicking https://tinyurl.com/ATP2SM1
28/04/2019
Wao, My beloved facebook, my beloved Mark
New York, Canada, Ireland Launch New Investigations Into Facebook Privacy Breaches
April 27, 2019***Credit to Swati Khandelwal***
facebook privacy investigation fine
Facebook has a lot of problems, then there are a lot of problems for Facebook—and both are not going to end anytime sooner.
Though Facebook has already set aside $5 billion from its revenue to cover a possible fine the company is expecting as a result of an FTC investigation over privacy violations, it seems to be just first installment of what Facebook has to pay for continuously ignoring users' privacy.
This week, Facebook has been hit with three new separate investigations from various governmental authorities—both in the United States and abroad—over the company's mishandling of its users' data.
New York Attorney General to Investigate Facebook Email Collection Scandal
New York Attorney General is opening an investigation into Facebook's unauthorized collection of the email contacts of more than 1.5 million users during site registration without their permission.
Earlier this month, Facebook was caught practicing the worst ever user-verification mechanism by asking users new to its social network platform for their email account passwords to verify their identity.
However, just last week it turned out that the social network "unintentionally" uploaded email contacts from up to 1.5 million new users on its servers, without their consent or knowledge, Facebook admitted while saying the data was reportedly used to "build Facebook's web of social connections and recommend friends to add."
According to the New York Attorney General Letitia James, the harvested email addresses may have exposed hundreds of millions of Facebook users to targeted advertisements.
"Facebook has repeatedly demonstrated a lack of respect for consumer information while at the same time profiting from mining that data," James said in a statement, adding that now it's time that the social media company should "held accountable for how it handles consumers' personal information."
In response to the news, a Facebook spokesperson told The NY Times that the company is "in touch with the New York State attorney general's office and are responding to their questions on this matter."
Ireland Investigating into Facebook Over Plaintext Passwords Scandal
The Irish Data Protection Commission had begun an investigation into a separate Facebook's privacy bunder exposed last month when the social network revealed that it left hundreds of millions of passwords of Facebook, Facebook Lite and Instagram users exposed in plain text on company servers.
At the time, it was reported that the incident exposed "tens of thousands" passwords of Instagram users in plaintext, while just last week it was revealed that the actual number of affected Instagram users were not in hundreds of thousands but millions.
The exposed passwords were potentially dated back to 2012 and were accessible to up to 2,000 Facebook employees.
In a statement on Thursday, the Irish Data Protection Commissioner said it has launched "a statutory inquiry in relation to this issue to determine whether Facebook has complied with its obligations under relevant provisions" of the European Union's General Data Protection Regulation (GDPR) designed to protect people's data.
Canada to Sue Facebook Over Cambridge Analytica Scandal
Canadian regulators are also suing Facebook for allegedly violating the country's privacy laws following their investigation into the March 2018's Cambridge Analytica scandal and its impact on Canadians.
A joint report published Thursday from Canadian privacy commissioner Daniel Therrien and his British Columbia counterpart said lax security practices at the company allowed personal information of hundreds of thousands of Canadians to be used for political purposes.
The watchdogs started investigating Facebook last year after it was revealed that a UK political consultancy Cambridge Analytica harvested data from about 87 million users and then used it for political gain without their knowledge or permission.
The report said Facebook committed a "major breach of trust" and "abdicated its responsibility for personal information under its control, effectively shifting that responsibility to users and apps."
The United States FTC is also investigating Facebook over the Cambridge Analytica scandal, and the company has already kept aside $5 billion from its revenue in anticipation of the settlement with the commission.
Have something to say about this article? Comment below or share it
28/04/2019
New York, Canada, Ireland Launch New Investigations Into Facebook Privacy Breaches
April 27, 2019***Credit to Swati Khandelwal***
facebook privacy investigation fine
Facebook has a lot of problems, then there are a lot of problems for Facebook—and both are not going to end anytime sooner.
Though Facebook has already set aside $5 billion from its revenue to cover a possible fine the company is expecting as a result of an FTC investigation over privacy violations, it seems to be just first installment of what Facebook has to pay for continuously ignoring users' privacy.
This week, Facebook has been hit with three new separate investigations from various governmental authorities—both in the United States and abroad—over the company's mishandling of its users' data.
New York Attorney General to Investigate Facebook Email Collection Scandal
New York Attorney General is opening an investigation into Facebook's unauthorized collection of the email contacts of more than 1.5 million users during site registration without their permission.
Earlier this month, Facebook was caught practicing the worst ever user-verification mechanism by asking users new to its social network platform for their email account passwords to verify their identity.
However, just last week it turned out that the social network "unintentionally" uploaded email contacts from up to 1.5 million new users on its servers, without their consent or knowledge, Facebook admitted while saying the data was reportedly used to "build Facebook's web of social connections and recommend friends to add."
According to the New York Attorney General Letitia James, the harvested email addresses may have exposed hundreds of millions of Facebook users to targeted advertisements.
"Facebook has repeatedly demonstrated a lack of respect for consumer information while at the same time profiting from mining that data," James said in a statement, adding that now it's time that the social media company should "held accountable for how it handles consumers' personal information."
In response to the news, a Facebook spokesperson told The NY Times that the company is "in touch with the New York State attorney general's office and are responding to their questions on this matter."
Ireland Investigating into Facebook Over Plaintext Passwords Scandal
The Irish Data Protection Commission had begun an investigation into a separate Facebook's privacy bunder exposed last month when the social network revealed that it left hundreds of millions of passwords of Facebook, Facebook Lite and Instagram users exposed in plain text on company servers.
At the time, it was reported that the incident exposed "tens of thousands" passwords of Instagram users in plaintext, while just last week it was revealed that the actual number of affected Instagram users were not in hundreds of thousands but millions.
The exposed passwords were potentially dated back to 2012 and were accessible to up to 2,000 Facebook employees.
In a statement on Thursday, the Irish Data Protection Commissioner said it has launched "a statutory inquiry in relation to this issue to determine whether Facebook has complied with its obligations under relevant provisions" of the European Union's General Data Protection Regulation (GDPR) designed to protect people's data.
Canada to Sue Facebook Over Cambridge Analytica Scandal
Canadian regulators are also suing Facebook for allegedly violating the country's privacy laws following their investigation into the March 2018's Cambridge Analytica scandal and its impact on Canadians.
A joint report published Thursday from Canadian privacy commissioner Daniel Therrien and his British Columbia counterpart said lax security practices at the company allowed personal information of hundreds of thousands of Canadians to be used for political purposes.
The watchdogs started investigating Facebook last year after it was revealed that a UK political consultancy Cambridge Analytica harvested data from about 87 million users and then used it for political gain without their knowledge or permission.
The report said Facebook committed a "major breach of trust" and "abdicated its responsibility for personal information under its control, effectively shifting that responsibility to users and apps."
The United States FTC is also investigating Facebook over the Cambridge Analytica scandal, and the company has already kept aside $5 billion from its revenue in anticipation of the settlement with the commission.
Have something to say about this article? Comment below or share it
26/04/2019
Critical Unpatched Flaw Disclosed in WordPress WooCommerce Extension
April 26, 2019**credit to Swati Khandelwal**
wordpress woocommerce security plugin
If you own an eCommerce website built on WordPress and powered by WooCommerce plugin, then beware of a new, unpatched vulnerability that has been made public and could allow attackers to compromise your online store.
A WordPress security company—called "Plugin Vulnerabilities"—that recently gone rogue in order to protest against moderators of the WordPress’s official support forum has once again dropped details and proof-of-concept exploit for a critical flaw in a widely-used WordPress plugin.
To be clear, the reported unpatched vulnerability doesn't reside in the WordPress core or WooCommerce plugin itself.
Instead, the vulnerability exists in a plugin, called WooCommerce Checkout Manager, that extends the functionality of WooCommerce by allowing eCommerce sites to customize forms on their checkout pages and is currently being used by more than 60,000 websites.
The vulnerability in question is an "arbitrary file upload" issue that can be exploited by unauthenticated, remote attackers if the vulnerable sites have "Categorize Uploaded Files" option enabled within WooCommerce Checkout Manager plugin settings.
"From the more technical aspect, vulnerability occurs inside 'includes/admin.php' file at line 2084 on which application is moving given files to a directory using 'move_uploaded_file' without prior proper check for allowed files," explains a blog post published Thursday by web application security platform WebARX, who warned their users after Plugin Vulnerabilities made the flaw public.
If exploited, the flaw could allow attackers to execute arbitrary server-side script code in the context of the web server process and compromise the application to access or modify data or gain administrative access.
wordpress woocommerce security plugin
WooCommerce Checkout Manager version 4.2.6, which is the latest available plugin at the time of writing, is vulnerable to this issue.
If your WordPress website is using this plugin, you are advised to either disable "Categorize Uploaded Files" option in the setting or disable the plugin completely until a new patched version becomes available.
This is not the first time when the company called Plugin Vulnerabilities inappropriately disclosed an unpatched flaw in the public.
The company has continuously been disclosing vulnerabilities in various WordPress plugins since after they had issues with the WordPress forum moderators.
Since at least past two years the team behind Plugin Vulnerabilities has deliberately been releasing details of newly discovered vulnerabilities directly on the WordPress Support forum, instead of reporting them to the respective plugin authors directly, violating the forum’s rules.
In response to this inappropriate behavior, the WordPress.org moderators eventually blacklisted Plugin Vulnerabilities from their official forum after multiple warnings and banning all their accounts.
However, this did not stop Plugin Vulnerabilities, who since then started disclosing details of new, unpatched WordPress plugin vulnerabilities on their own website, putting the whole ecosystem, websites and their users at risk.
Have something to say about this article? Comment below or share it
Click here to claim your Sponsored Listing.
Category
Contact the business
Telephone
Website
Address
Lagos