#AxisOfEasy 257: An Update To Facebook’s Link Schema Aims To Fight Privacy Browsers And Privacy Plugins


Weekly Axis Of Easy #257


Last Week’s Quote was  “Men, it has been well said, think in herds; it will be seen that they go mad in herds, while they only recover their senses slowly, and one by one,” was by Charles Mackay.  We got two correct guesses, but Dale got the right answer first!  Well done.

This Week’s Quote: “The things you think about determine the quality of your mind. Your soul takes on the color of your thoughts.” … by ???

THE RULES:  No searching up the answer, must be posted to the blog – the place to post the answer is at the bottom of the post, in the comments section.

The Prize:
First person to post the correct answer gets their next domain or hosting renewal on us.


This is your easyDNS #AxisOfEasy Briefing wherein our Technology Correspondent Joann L Barnes and easyCEO Mark E. Jeftovic send out a short briefing on the state of the ‘net and how it affects your business, security and privacy.
 

In this issue:

  • Reuter’s study revealed the Kremlin’s secret operations in Ukraine
  • An update to Facebook’s link schema aims to fight privacy browsers and privacy plugins
  • For the first time in its history, Meta reported a decline in revenue and missed earnings expectations
  • Kaspersky discovered malicious Npm packages designed to steal Discord tokens
  • Court Documents Reveal Canada’s Travel Ban Had No Scientific Basis

Elsewhere online

  • Personal, financial, and medical information may have been exposed in a data breach at St. Luke’s
  • Entrust’s customers were hacked in June, the security vendor reports
  • The United States and Ukraine expand their cyber security partnership
  • Was Russia’s Rostelecom able to hack Apple Engineering’s network for 12 hours?
  • DDoS attack against European customers blocked by Akamai
  • Google suspends Google investor John Hempton’s blog

 

Russia assembled a group of secret agents long before the invasion of Ukraine to clear the way for its forces. A study published by Reuters revealed that Russia’s involvement in Chernobyl was not a coincidence, but rather a part of the Kremlin’s secret operations in Ukraine. Investigators spoke with five people who were informed of Kremlin war preparations. Reportedly, Putin’s inner circle believed that, with the help of secret agents, Russia could force Ukrainian President Volodymyr Zelenskyy’s administration to surrender, flee or capitulate.

After several interviews with dozens of Russian and Ukrainian officials and an analysis of court documents and investigators’ reports concerning Chernobyl NPP workers, Reuters investigators found that the infiltration was apparently much deeper than previously mentioned.

“Aside from external enemies, we, unfortunately, have internal enemies, and this enemy is no less dangerous,” said Ukrainian national security and defense council secretary Oleskiy Danilov in an interview.

The Reuters’ study, alongside court documents and testimony show the role played by several high-ranking people within the Ukrainian government, such as Chernobyl NPP’s chief of security, Valentin Viter, who is being investigated for leaving his post. Among those mentioned in Reuters’ report is hotel owner Oleg, who, according to western intelligence reports, was being trained by the Kremlin to become puppet leader of Kyiv. Viktor Medvedchuk, a Ukrainian opposition politician, was also expected to play an important role.

However, Russia’s plans to take over Kyiv failed. Among the reasons was agents’ inability to complete their tasks. In the end, the Russian secret agent network managed only to sow distrust in Ukraine and highlight the Security Service’s weaknesses.

Read:https://www.reuters.com/investigates/special-report/ukraine-crisis-russia-saboteurs/


An update to Facebook’s link schema aims to fight privacy browsers and privacy plugins

A new Facebook security feature prevents browsers from stripping tracking parameters from site links. Updated URLs hide Facebook’s user-tracking IDs, so they can’t be removed. There used to be some browsers that could remove these tracking bugs, such as Firefox and Brave. Other browsers have plugins that do the same thing. But now, they’ve all been thwarted by Facebook.

Facebook has started merging URL parameters with content addresses to prevent tracking information from being removed. The tracking part of the web address cannot be automatically removed from the address since it is no longer possible to identify it. Basically, Facebook holds the upper hand when it comes to URL tracking at the moment, and there is little you can do about it short of decrypting the data.

Read:https://securityboulevard.com/2022/07/two-faced-facebook-foils-privacy-plugins-by-encrypting-urls/


For the first time in its history, Meta reported a decline in revenue and missed earnings expectations

Meta’s first-ever revenue decline highlights the challenges the social media giant faces in its ad business as an economic slowdown looms. Advertisers are pulling back in light of growing concerns about a recession in the world economy.

Meta’s metaverse business lost $2.8 billion in the second quarter as it invested in products such as virtual reality headsets and video chat devices. In addition, the company faces increasing competition from apps such as TikTok and BeReal that share photos and videos.

According to Zuckerberg, Facebook’s focus remains on connecting friends and family, and that users are discovering exciting content and sharing it. Several more leadership changes are also being made at the company, including appointing a new chief strategy officer.

Read:https://www.cnet.com/news/social-media/facebook-parent-meta-reports-first-ever-revenue-drop/


Kaspersky discovered malicious Npm packages designed to steal Discord tokens

Kaspersky said it discovered four suspicious packages in the popular Npm repository, which are intended to steal Discord tokens and users’ card data. The malware is obfuscated Python and JavaScript code.

“The JavaScript malware we dubbed ‘Lofy Stealer’ was created to infect Discord client files in order to monitor the victim’s actions. It detects when a user logs in, changes email or password, enables/disables multi-factor authentication (MFA), and adds new payment methods, including complete bank card details. Collected information is also uploaded to the remote endpoint whose address is hard-coded,” said Kaspersky.

The campaign is another growing threat to the developer community and downstream customers, as inexperienced developers can easily import malicious packages without their knowledge.

Read: https://www.infosecurity-magazine.com/news/malicious-npm-packages-steal/


Court Documents Reveal Canada’s Travel Ban Had No Scientific Basis

Last  August, the Canadian federal government instituted vaccine mandates that resulted in travel ban on unvaccinated Canadians.  The measures denied access to transportation across the country or between provinces are the subject and resulted in large scale segregation of over five million Canadians.

Courts are now showing that none of these travel mandates were made by epidemiologist, medicine or public health officials but rather by a small group taking orders from a senior parliament official.

Eight-and-a-half months later, on June 14, 2022, government officials announced that they were suspending the mandate—although they made it clear that they could bring it back at any time.  Recently Canada’s health minister suggested that Canadians would be required to be take a COVID booster every nine months in order to be “up to date” in vaccination status.

Read: https://www.commonsense.news/p/court-documents-reveal-canadas-travel?triedSigningIn=true

 

Elsewhere Online

 

Personal, financial, and medical information may have been exposed in a data breach at St. Luke’s
Read: https://boisedev.com/news/2022/07/27/st-lukes-data-breach/

Entrust’s customers were hacked in June, the security vendor reports
Read: https://techcrunch.com/2022/07/27/entrust-data-stolen-june-cyberattack/

The United States and Ukraine expand their cyber security partnership
Read: https://www.infosecurity-magazine.com/news/us-cybersecurity-partnership/

Was Russia’s Rostelecom able to hack Apple Engineering’s network for 12 hours?
Read: https://www.manrs.org/2022/07/for-12-hours-was-part-of-apple-engineerings-network-hijacked-by-russias-rostelecom/

DDoS attack against European customers blocked by Akamai
Read: https://securityaffairs.co/wordpress/133780/hacking/largest-ddos-attack-europe.html

 


Previously on #AxisOfEasy

If you missed the previous issues, they can be read online here:

 

 

 

 

 

3 thoughts on “#AxisOfEasy 257: An Update To Facebook’s Link Schema Aims To Fight Privacy Browsers And Privacy Plugins

  1. Omg! That quote is from my wife. She’s constantly on me to think loving thoughts and not think like a jerk.
    I’m kind of surprised that you’d heard it. I thought I was the only one getting this message.
    Great work!

Leave a Reply to Tricia L Littlefield Cancel reply

Your email address will not be published. Required fields are marked *