My Bitdefender
  • 0 Shopping Cart

Press Center

September 2011

Facebook f8 Changes Raise Five Serious Security and Privacy Concerns

Facebook Changes to Open Door to Interactive Scams, Bring Twitter-Like Problems

Facebook’s planned changes from this year’s f8 Developer Conference, while increasing interaction between users, could also flood the site with Twitter-style spambots and increase targeted attacks.

The last few weeks have been hot for Facebook users. After updating Privacy Controlsand silently pushing the Smart Lists, the f8 pushed usability and privacy to a new level: Subscribers, News Ticker and Wallfacelift,  and the star of this f8 conference, the Timelineand the new Open Graph features.

While these new features will increase interaction between users, privacy and security issues were pushed to new limits. Here are the five main concerns.

1. Smart Lists will push users to share more info publicly ... supplying the perfect weapon for targeted attacks.

Smart List encourages people to complete their profile with job, education and work projects. Every time somebody creates a list with colleagues from a specific job, they tag this in their profile. Of course, this is generally not confidential information, and the users have the final decision in approving the info.

But having this information public and indexable will make it easier to create high-level targeted attacks. High-level attackers find out exactly who is working in a specific company, their job and, more importantly, what project they are working on. And we are talking about 800 million users.

2. Subscribers could increase the number of spambots, just like on Twitter.

The main difference between Facebook and Twitter attacks is that Facebook has many hijacked accounts while Twitter is inundated with spambots. With the new subscriber feature, Facebook is open to Spambots and "how to get more subscribers" schemes. Copying Twitter features may also mean importing Twitter scams.

3. Everything you’ve ever shared on Facebook is now available and easy to browse.

The Timeline is a revolution of usability. But it's also the open story of our life. If a user doesn't change the default settings to restrict who can see the wall, this story will be available to anyone: friends, photos, places you've checked in, relations and much more. It was available until now, but not so easy to use.

4. Health is now social... and public.

The Facebook timeline considers health information social. Now it’s easy to share health-related information such as breaking a bone, undergoing surgery or overcoming an Illness. Probably most disturbing point here is that this information is set to "Public" by default.

5. Widgets ... the open door to interactive scams.

Facebook introduces the "widget" concept to the new timeline. It lets developers take action on various objects. This moves the interaction to a whole new level. Until now, everyone who had an application installed interacted with his friends inside the app. Now, the app is on the user wall, so anyone who interacts with the user profile interacts with the app.

Considering the short lifetime of spammy apps, this could boost their efficiency. Of course, this feature is just starting, so it will likely take a while until the scammers exploit it. But every successful viral feature has eventually been exploited by social media scammers.

With more and more information in the profile, the account hijacking problem has become increasingly important. Facebook is doing a lot in eliminating noise, but has taken no important step in security. After the large number of problems related to Facebook Security, many expected an announcement regarding  session hijacking on unsecured connection, a notable security issue for many Facebook users.

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.


* * *

About Bitdefender®
Bitdefender is the creator of one of the world's fastest and most effective lines of internationally certified internet security software. The company is an industry pioneer, introducing and developing award-winning protection since 2001. Today, Bitdefender technology secures the digital experience of 400 million home and corporate users across the globe.

Top international testing organizations and world-renowned software reviewers acknowledge Bitdefender as a provider of the world’s most effective antimalware solutions. In January 2014, Bitdefender won top honors from AV-TEST, becoming the first solution to win “Best Protection” and “Best Performance” simultaneously. Bitdefender has also confirmed its industry leadership status with titles including “Best Antivirus of 2014” and two Editor’s Choice awards from PCMAG, and 2013 Editor’s Choice from CNET.

For more information about Bitdefender products, visit the security press room. Bitdefender also publishes the HOTforSecurity blog, with stories from the underworld of internet fraud, scams and malicious software.


test

Bitdefender E-Threats Landscape Reports

The purpose of this report is to provide a comprehensive investigation of the threats’ landscape. Bitdefender’s security experts thoroughly analyze and examine the menaces of the each semester, focusing on software vulnerabilities and exploits, different types of malware, as well as countermeasures, cyber crime prevention and law enforcement. The E-Threats Landscape Report concentrates mainly on the latest trends, but it also contains facts and data and concerning the previously investigated periods, as well as several predictions related to the upcoming semesters. This document is primarily intended for IT&C System’s Security Managers, System and Network Administrators, Security Technology Developers, Analysts, and Researchers, but it also addresses issues pertaining to a broader audience, like small organizations or individual users concerned about the safety and integrity of their networks and systems.

H2 2012 E-Threat Landscape Report - Overview

For the first half of the year, zero-day vulnerabilities played an essential role in disseminating malware with exploit packs as a favorite vector of infection. The dangerous zero-day exploit in the Java Runtime Environment (CVE-2012-4681) was documented and proof of concept was added to Metasploit, which became public knowledge before a fix was made available.

As a direct result, three billion devices running Java were vulnerable to remote code exploitation for roughly 48 hours. A second exploit hit in September and targeted Internet Explorer 9. Successful exploitation would allow remote compromise of the system with the installation of the Poison Ivy backdoor. Both zero-day exploits were used in advanced persistent attacks.

2012 saw fluctuations in the amount of junk e-mail as a proportion of e-mail traffic. The year began with a slight decrease in spam e-mails, but spam constantly gained ground towards the middle of the year. According to data gathered from the Bitdefender Antispam lab, the second half saw growth again, with small variations towards the end of 2012. The increase in the number of junk e-mails was nonetheless minor, by only 5%, leading to a rough value of 73% of the total number of e-mails sent worldwide.

Download now the full H2 2012 E Threat Landscape Report (pdf)

Download now the overview H2 2012 E Threat Landscape Executive Summary (pdf)


Archive

2012
Download now H1 2012 E Threat Landscape Report (pdf)

2011
Download now H1 2011 E-Threats Landscape Report - Executive Summary (pdf)
Download now H2 2011 E-Threat Landscape Report (pdf)
Download now H2 2011 E-Threat Landscape Report - Executive Summary (pdf)

2010
Download now H2 2010 E-Threats Landscape Report - Executive Summary (pdf)
Download now H2 2010 E-Threats Landscape Report (pdf)
Download now H1 2010 E-Threats Landscape Report - Executive Summary (pdf)
Download now H1 2010 E-Threats Landscape Report (pdf)

2009
Download now H1 2009 Malware and Spam Review Executive Summary (pdf)
Download now H1 2009 E-Threats Landscape Report (pdf)
Download now H2 2009 Malware and Spam Review (pdf)
Download now H2 2009 E-Threats Landscape Report - Executive Summary (pdf)

2008
Download now H1 2008 E-Threats Landscape Report (pdf)
Download now H2 2008 E-Threats Landscape Report (pdf)

White Papers

Welcome to the Bitdefender Photo Gallery

Bitdefender is the creator of award-winning, internationally certified Internet Security and Antivirus software.

Since its inception in 2001, Bitdefender has continued to raise the bar to set new standards in proactive threat prevention and virus removal, in many cases leading the way in the best Internet security detection techniques to prevent the spread of malicious threats.

Thanks to its first-class products and state of the art technologies, the company rapidly expanded into a worldwide leader. Bitdefender made its entrance on the international market when opening offices in the UK, USA, Germany, France and Spain, as well as establishing strategic partnerships and a local presence in over 100 countries globally.

By the end of 2009, Bitdefender was protecting millions of users globally and had established trusted use of our technology with household names like IBM and Virgin Media through strategic partnerships.

2011 brought a pivotal change in Bitdefender’s company philosophy, as the organization embraced a new corporate identity. It was also a year of success, as the company’s consumer products were the first in years to be voted the #1 choice (in terms of internet security) by three of the most important independent testing organizations in the world.

The new image acts as a binder between the company’s roots and its future. One thing has remained unchanged: Bitdefender’s capacity of delivering top antivirus products. Bitdefender provides the best antivirus solutions using the same award-winning technology for consumers and for corporate networks, from the small business right through to the global enterprise, protecting all endpoints.

The Bitdefender proprietary technologies, based on innovative ideas and leading trends in the information security industry, continue to be internationally recognized as the best Internet security software. The independent organizations which reward our outstanding results through numerous prizes and certifications are: Av-Test.org, Virus Bulletin, ICSA Lab, Checkmark, PC World Top 100, just to name but a few.

Bitdefender strives to constantly develop technology to stay one step ahead in offering our customers the best antivirus detection, combined with flexible usability and performance.

BRAND STORY

Who we are – under the sign of the Wolf

Who are we? We’re a sublime alloy of intelligence, strength and willpower. We have the sharp mind of the wolf and the sleekness of the dragon, the vigilance of the alpha-male and the indestructibility of the snake’s body. We are a unique combination of symbols that fight on Good’s side.

Half wolf. Half dragon. The Dacian Wolf was carried into battle by soldiers defending their territories in ancient times. It created fear in the opposition, and built confidence in those who carried it.

We are now the bearers of this symbol that transcends time. While the battlefield has changed, its spirit lives on. We are the defenders of the new digital world. We are AWAKE, always on guard—protecting more than 400 million users across the globe with our award-winning technologies.

Judging by its looks, the Bitdefender brand avatar borrows the spirit of our fearless ancestors. It also adds a modern layer to our historical heritage, by bringing the Bitdefender quintessence into the equation.
Bitdefender is perfectly adapted to today's combat requirements. It possesses the necessary skills to win the digital warfare that is going on inside computer networks all over the world.

The logo is a sleek, simplified representation of the brand avatar, while "AWAKE" means we’re always on guard, always ready to step in for the safety of the user.

Our purpose

We are here to defend the welfare of all users, no matter the platform, the nature of the user nor the magnitude of the challenge.
We will do whatever it takes to keep computer users safe from harm and help the Good prevail.
Always.

Catalin Cosoi

Catalin Cosoi

Chief Security Strategist

Alexandru Catalin Cosoi is Bitdefender's Chief Security Strategist, tasked with energizing and publicizing the company's technological progress.

Catalin specializes in pattern extraction and recognition technologies, with an accent on neural networks and clustering algorithms. His technical achievements have so far materialized in four granted patents and a series of classification technologies being implemented mostly in Bitdefender software. As a consequence of his interests, he is also pursuing a PhD in natural language processing.

He lists his professional goals as "gaining a Nobel prize and achieving clinical immortality", is married and lives in Bucharest, Romania at the rare times when his job isn't sending him around the globe.

Bogdan Botezatu

Bogdan Botezatu

Sr. e-Threat Analyst

Bogdan Botezatu (born 1983 in Romania) is a computer security expert and editor of HOTforSecurity.com. He has a strong background in computer networking and antimalware research .

Bogdan Botezatu is Senior e-threat analyst for Bitdefender. He has worked for the Romanian provider of innovative antivirus solutions since 2007. His areas of expertise are cyberwarfare , mobile and social networks malware.

As Senior e-threat analyst, he was part of the teams that developed the Bitdefender USB Immunizer and Bitdefender Removal Tools . More than that, he was the author of Malware History , an overview of the most notable developments in the malware landscape, Securing Wireless Networks , that provides tips and tricks on how to shield your home network from intruders, and Safe Blogging Guide , that highlights key recommendations on how to keep your blog and identity safe.

Bogdan Botezatu has spoken at various computer security conferences around the world, including IPEXPO , DefCAMP and international seminars, such as “Current Methods for Combating Cybercrime”, organized by IMPACT Alliance.

Before joining Bitdefender he has activated as system administrator at the Alexandru Ioan Cuza University of Iasi, where he supervised the implementation of IT functions in the educational sector for non-IT-related specialties.

Who to ask? Below you have a list of all of our media representatives who are ready to answer any question you might have.



Marius Buterchi
PR Manager
US
+40 212 063 470
publicrelations[at]bitdefender[dot]com



Catalin Cosoi
Chief Security Strategist
Head of Communications
+40 212 063 470
publicrelations[at]bitdefender[dot]com



Andrei Taflan
Global PR Manager
+40 212 063 470
publicrelations[at]bitdefender[dot]com