It struck most observers as appallingly bad practice. Facebook says their intentions were good and they didn't actually store passwords, but they understand, and have stopped this form of verification. Yesterday the Daily Beast confirmed that Facebook is indeed doing this. The Vietnamese threat group uses steganography (in the form of a png image file) to carry its loader to the target.Į-sushi, a self-described dabbler in cybersecurity and other things, called out Facebook Sunday for asking people to give up their third-party email credentials so Facebook can 'automatically' verify those accounts. Blackberry Cylance has a new report on OceanLotus, also known as APT32 or Cobalt Kitten.
