October is an important month for cybersecurity at Facebook. Not only is it National Cyber Security Awareness Month – it is also the month when the social network holds Hacktober, its annual, monthlong initiative to build and maintain a security-aware culture. Director of security operations Jennifer Henley shared tips for other companies looking to duplicate Hacktober in a note on the Facebook Security page.
Facebook continued to mark National Cyber Security Awareness Month with content aimed at explaining the measures it takes to keep its users safe, and the latest addition is a note on the Protect the Graph page from security engineer Chris Long explaining how the social network reacts to the sharing of stolen passwords on public sites.
As part of National Cyber Security Awareness Month, Facebook security infrastructure engineer Benjamin Strahs spoke on a panel organized by Bloomberg Government in Washington, D.C., last week, along with representatives from the Department of Homeland Security, Google and Microsoft.
Facebook continued to mark National Cyber Security Awareness Month with a note on the Facebook Security page from site integrity engineer Matt Jones, detailing the steps taken by the social network to eliminate fake profiles and fraudulent activity.
Facebook Security Engineer Michael McGrew and a colleague attempted to hack the Western Regional Collegiate Cyber Defense Competition, but their intentions were pure: After discovering the Collegiate Cyber Defense Competition while he was a junior in college, McGrew started a club and brought a team to the WRCCDC, so his stint as a “penetration tester” was almost like returning to his roots.
Who says Facebook doesn’t pay out bounties when bugs are reported? Arul Kumar, an electronics and communications engineer from Tamil Nadu in India, is $12,500 richer after reporting a bug that allowed users to delete photos from Facebook via the social network’s support dashboard.
Another case of malware via video is rapidly spreading via Facebook to Google Chrome users, at the rate of about 40,000 per hour, Italian security researcher Carlo De Micheli told The New York Times’ Bits blog.
Facebook is still refusing to pay a bounty to Khalil Shreateh, the security researcher who used the bug he discovered to post directly on Co-Founder and CEO Mark Zuckerberg’s Timeline after Facebook Security rejected his attempts to report it, but Beyond Trust Chief Technology Officer Marc Maiffret is doing his best to make sure Shreateh doesn’t walk away from this experience empty-handed.