Hackers have tried to convince potential buyers—and the BBC Russian Service—that they had cracked Facebook’s security and extracted private messages from 120 million accounts. However, according to an outside expert reported by the BBC, it appears likely that at least 81,000 Facebook accounts had their privacy breached. And according to Facebook, the breach is due to malware-containing browser extensions.
“We have contacted browser makers to ensure that known malicious extensions are no longer available to download in their stores and to share information that could help identify additional extensions that may be related,” Facebook’s vice president of product manager, Guy Rosen, said in a statement.
The hackers originally published an offer in September for personal information related to 120 million Facebook accounts on a English-language forum. This included a sample of data that the BBC had an expert examine, confirming that over 81,000 profiles’ private messages were included. An additional 176,000 accounts had data that could have been scraped from public Facebook pages.
Facebook’s Rosen said that its security wasn’t compromised, and urged people to remove any plug-ins they don’t fully trust. Rosen said the social network had notified law enforcement, had the website hosting the Facebook account data had been taken down.
Depending on the browser, plug-in extensions may be able to monitor a user’s activity on any web page. This typically doesn’t include keystrokes, but extensions can sweep in anything rendered on a page for a user to see, such as public and private messages.
Plug-ins that provide toolbars or insert links for coupons for e-commerce are common. However, with so many extensions available, malicious parties have many options: compromise existing software through insiders or poor developer security; release their own seemingly benign plug-ins that provide a useful function alongside snooping; or buy extensions from developers and then update them to include malware.
SAN FRANCISCO (Reuters) – Chief Executive Elon Musk said on Tuesday he is considering taking Tesla Inc private in what would be the largest deal of its type, moving the electric car maker out of the glare of Wall Street as it goes through a period of rapid growth under tight financial constraints.
“Am considering taking Tesla private at $ 420. Funding secured,” Musk said on Twitter bit.ly/2Om3gn3. At $ 420 per share, a deal would be worth $ 72 billion overall.
In a letter to Tesla employees published more than an hour later on the company’s blog here, Musk explained that going private would be “the best path forward.” Such a move – over which no final decision had been made – would let Tesla “operate at its best, free from as much distraction and short-term thinking as possible,” he wrote.
Tesla shares closed up 11 percent at $ 379.57, slightly below their all-time high.
Asked on Twitter whether Musk would continue to be CEO under such a scenario, he replied there would be “no change.”
Musk has been under intense pressure this year to turn his money-losing, debt-laden company into a profitable higher-volume manufacturer, a prospect that has sent Tesla’s valuation higher than that of General Motors Co.
The company is still working its way out of what Musk called “production hell” at its home factory in Fremont, California, where a series of manufacturing challenges delayed the ramp-up of production of its new Model 3 sedan, on which the company’s profitability rests.
The Silicon Valley company faces a make-or-break moment in its eight-year history as a public company as competition from European automakers is poised to intensify with new electric vehicles from Audi and Jaguar, with more rivals to follow suit next year.
Meanwhile, Tesla has announced plans to build a factory in Shanghai, China, and another in Europe, but details are scarce and funding unknown.
Going private is one way to avoid close scrutiny by the public market as Musk and the company face those challenges. Musk has feuded publicly with regulators, critics, short sellers and reporters, and some analysts suggested that less transparency would be welcomed by Musk.
“Musk does not want to run a public company,” said Gene Munster of Loup Ventures, as Tesla’s ambitious mission makes it “difficult to accommodate investors’ quarterly expectations.”
Musk owns nearly 20 percent of the company. He said in his letter to employees he did not seek to expand his ownership.
A price of $ 420 per share would represent a nearly 23 percent premium to Tesla’s closing price on Monday, which gave the company a market value of about $ 58 billion.
In his letter, Musk suggested a choice for shareholders of selling their shares for $ 420 each or remaining investors in a private Tesla. He said he hoped all current investors would remain were the company to go private.
He made no mention in his tweets nor his letter where the funding for a deal would come from, and the letter did not discuss funding for the plan.
Like any other investor, Musk is beholden to securities laws and several securities attorneys told Reuters he potentially could face lawsuits if it was proven he did not have secure financing at the time of his tweet.
If Musk were to succeed in taking Tesla private, it would be the largest leveraged buyout of all time, beating the record set by the $ 45 billion deal for Texas power utility Energy Future Holdings, which ended in bankruptcy in 2014.
Raising both the debt and equity required for such a deal would be a challenge. Many major Wall Street bankers contacted by Reuters said on condition of anonymity they were not aware of Musk’s plans ahead of his tweets, and several expressed skepticism that a leveraged buyout of Tesla could be financed given the company’s negative cash flow.
“It’s unfathomable to me that anyone would finance the acquisition of such a liability-laden company that is losing so much money and have massive capex requirements going forward,” said Mark Spiegel, portfolio manager of hedge fund Stanphyl Capital Partners, who holds a short position in Tesla and has been a vocal critic of Musk on Twitter.
FILE PHOTO: Elon Musk listens at a press conference following the first launch of a SpaceX Falcon Heavy rocket at the Kennedy Space Center in Cape Canaveral, Florida, U.S., February 6, 2018. REUTERS/Joe Skipper/File Photo
The most obvious equity partners for Musk would be a sovereign wealth fund such as Saudi Arabia’s Public Investment Fund (PIF) or major technology investment funds such as SoftBank Group Corp’s Vision Fund, bankers said.
China’s Tencent Holdings, which took a 5 percent stake in Tesla last year, is another possible partner.
Such foreign sources of capital would be subject to scrutiny by the Committee on Foreign Investment in the United States (CFIUS), which looks closely at deals for potential national security risks.
Earlier on Tuesday, a source familiar with the matter said Saudi Arabia’s PIF had bought a minority stake of just below 5 percent in Tesla.
The U.S. Securities and Exchange Commission declined to comment on Musk’s tweet, but the agency allows companies to use social media outlets like Twitter to announce key information in compliance with its fair disclosure rules if investors are alerted about which social media outlets will be used.
Tesla alerted investors in a 2013 SEC filing that they should follow Musk’s Twitter feed for “additional information” about the company. There is no reference to Musk’s Twitter account on the company’s investor relation page under “investor communication,” although Tesla’s Twitter feed is included.
In his letter to employees, Musk wrote that, “as the most shorted stock in the history of the stock market, being public means that there are large numbers of people who have the incentive to attack the company.”
A short squeeze is a trading scenario that occurs from time to time in heavily shorted stocks, when bearish traders are forced to buy shares to avoid big losses – something that ends up pushing the stock only higher.
Short interest in Tesla on Tuesday stood at nearly $ 13 billion, according to S3 Partners, a financial analytics firm.
FILE PHOTO: A Tesla sales and service center is shown in Costa Mesa, California, U.S. June 28, 2018. REUTERS/Mike Blake
Reporting by Sonam Rai in Bengaluru, Alexandria Sage in San Francisco, Carl O’Donnell, Liana Baker, David Randall in New York and Pete Schroeder in Washington; editing by Saumyadeb Chakrabarty, Bill Rigby and Chris Reese
While it’s not clear exactly which celebrities were impacted, Instagram acknowledged this week that a bug in its API allowed hackers to get their hands on the phone numbers and email addresses of “high-profile” Instagram users, which presumably means verified accounts. No passwords were compromised, and Instagram says it has contacted all impacted accounts. The worst-case scenario here would be some semi-elaborate social engineering that led to an account takeover, but mostly, if you’re famous, you might want to change your number.
It turns out that digital security gets pretty messy after we’ve put computers in our pockets, our cars, our door locks—and perhaps most of all, our bodies. There’s no better evidence of that than hundreds of thousands of people with heart conditions being told by the US government that they need to update their pacemakers’ firmware or face a potentially deadly hacker attack. This week the FDA warned 465,000 people with pacemakers made by St. Jude Medical, now owned by the healthcare company Abbott, that they’d need to visit a doctor who can perform a firmware update on the digital devices in their chests designed to fix a critical security vulnerability in those life-saving gadgets. Last year the hedge fund Muddy Waters revealed with the help of the security consultancy MedSec that St. Jude’s pacemakers were vulnerable to hackers who could take control of the software used to configure the pacemakers and wirelessly attack them from as far as 100 feet away. That would allow hackers to disable the pacemakers or even use them to deliver potentially fatal electric shocks. While Muddy Waters used that revelation as an opportunity to short-sell St. Jude’s stock in a controversial move, their findings were nonetheless backed up by security firm Bishop Fox, which independently tested the pacemakers. The FDA’s announcement this week means that pacemaker patients now have a solution to that cardiac security threat—but one that requires a doctor’s appointment rather than a mere internet update to implement.
Spam scourges are not new to the internet. But the recently discovered Onliner spambot looks like a particularly nasty specimen. The list comprises 711 million records, which include email addresses and, in some cases, passwords as well. The spambot sends emails to each of those accounts that contain a single, invisible tracking pixel, which sends back details about the target’s operating system. That helps an attacker know who to target with so-called Ursnif malware, which only affects Windows devices. What makes Onliner particularly insidious is its ability to circumvent spam filters, by using confirmed email addresses gleaned from previous public breaches to disseminate the spam. Bad times! As always, don’t open emails from people you don’t trust, and if you do, set your inbox to block images to make it harder for pixels to track you.
Kaspersky may be under constant suspicion—and even an FBI investigation—due to its ties to the Kremlin, but that doesn’t stop it from occasionally exposing Russian hacking operations. This week the company revealed that in February it alerted its customers to a hacking operation it called WhiteBear, which it believes is likely a subgroup of the hacking team Turla, believed to be employed by the Russian government. The WhiteBear operation penetrated a series of embassies and consulates around the world from February to September of 2016, Kaspersky’s analysts say, but switched to targeted military organizations in the first half of 2017. Kaspersky has been under FBI investigation for possible ties to the Putin regime, and the cybersecurity industry has repeatedly warned that its antivirus software could be used for covert spying. But the WhiteBear report should serve as a counterexample to anyone who describes Kaspersky as a simple pawn of Kremlin spy agencies, and it’s not the first time Kaspersky has exposed Russian spying. At its Security Analysts Summit in April, the company’s researchers detailed connections between Turla and a 20-year-old backdoor used in Russia’s global spying operation known as Moonlight Maze.
The publication noted Middleton’s lawyers confirmed her account has been accessed and that her and Matthews have requested their privacy to be respected.
The royal correspondent for the Daily Mail reported that 3,000 photos had been taken from Middleton’s account and a person going by the name “mas” was attempting to sell them to media organizations. Read more…
Rackspace, a company that was an early player in the cloud market, is being forced to evolve or continue to be left behind.
The cloud and web-hosting company announced today that it’s being acquired by Apollo Global Management, a U.S.-based private equity firm, and will become a private company. It’s a move analysts say will enable Rackspace to make big changes without worrying about an anxious or angry response from shareholders.
Under the $ 4.3 billion deal, Rackspace stockholders will receive $ 32 per share. The purchase is expected to be finalized in the fourth quarter, according to the company.