50 Million Facebook Accounts Compromised, Is Your Business Page Safe?

The security breach which was discovered by Facebook (NASDAQ: FB) engineers on September 25 allowed the attackers to take direct control over user accounts; around 50 million of them to be exact.

The Latest Facebook Security Breach

In addition to the 50 million, Facebook also said there were another 40 million accounts which were potentially vulnerable. All said, the company logged out 90 million accounts to prevent further damage.

In a security update, Facebook admitted the attack was able to exploit the complex interaction of multiple issues in its code. This came about from a change the company made to its video uploading feature in July of 2017 affecting the “View As” feature.

Facebook said, “The attackers not only needed to find this vulnerability and use it to get an access token, they then had to pivot from that account to others to steal more tokens.”

This attack couldn’t have come at a worse time for Facebook. The company is trying to ratchet up its security before the upcoming mid-term elections while at the same time trying to recover from the Cambridge Analytica fiasco in which data from about 87 million users was shared with a political consulting agency.

The View As Feature

The View As feature allows users to see how a profile looks to other people.

The attackers were able to exploit three flaws or bugs in the “View As” feature. In the same security update, Pedro Canahuati, Vice President of Engineering, Security and Privacy, listed those flaws as follows:

1. View As incorrectly provided the opportunity to post a video.
2. A new version of the video uploader (the interface that would be presented as a result of the first bug), introduced in July 2017, incorrectly generated an access token that had the permissions of the Facebook mobile app.
3. When the video uploader appeared as part of View As, it generated the access token NOT for the viewer, but for the user the viewer was looking up.
4. Facebook said it has turned off the View As feature temporarily while it conducts a security review.

Tricking Facebook to Issue Access Tokens

With this vulnerability, the attackers were able to trick Facebook into issuing them access tokens. This gave them access to user accounts as if they were the user.

They also had access to services the user might’ve registered for using Facebook such as Airbnb, Spotify, Tinder or other apps and games.

Facebook has reset the access tokens of the 50 million accounts that were affected as well as the additional 40 million accounts that might’ve been vulnerable.

If your account was one of the 90 million affected by this incident, you will be prompted to re-login on Facebook and any linked accounts.

Who is Responsible?

In a conference call (PDF) Guy Rosen, Vice President of Product Management for Facebook said the company has notified law enforcement and is working with the FBI.

As to who is responsible, Rosen goes on to say it is hard to discover who was behind the attack, adding “We may never know.”

Read More

Senators pressure Trump to investigate disappearance of Saudi journalist

Washington (CNN)President Donald Trump is facing new pressure to investigate the disappearance of Saudi journalist Jamal Khashoggi and determine whether to impose sanctions on those responsible after receiving a letter from a bipartisan group of senators Wednesday.

The letter, which triggers an "investigation and Global Magnitsky sanctions determination" was penned by the top Republican and Democrat on the Senate Foreign Relations Committee, chairman Sen. Bob Corker and ranking member Sen. Bob Menendez, along with the leaders of the appropriations subcommittee for the State Department, Sen. Lindsey Graham and Democrat Sen. Patrick Leahy.

Under the terms of the Magnitsky legislation, the President can impose sanctions on individuals or countries that are deemed to have committed a human rights violation.

Trump said Wednesday night in an interview on Fox News that "so far it's looking a little bit like" the Saudis are behind the disappearance of Khashoggi, but said "I do hate to commit to what recourse we would take. It's too early."

The President said blocking further arms sales to Saudi Arabia "would be hurting us."

Trump said the US is doing well economically in part due to "what we are doing with our defense systems," and said, "frankly I think that would be a very, very tough pill to swallow for our country."

15-man team

Khashoggi, a former Saudi royal insider who became a critic of the regime of Crown Prince Mohammed bin Salman, has not been seen since Tuesday last week, when walked into the consulate general in Istanbul, intending to get paperwork that would allow him to marry his Turkish fiancée.

Turkish authorities have privately said they believe Khashoggi, a Washington Post columnist, was killed inside the consulate. The Saudis deny the allegation but have not been able to provide proof that he left the consulate alive.

In the latest developments on Wednesday, Turkish security officials concluded that the "highest levels of the royal court" in Saudi Arabia ordered the assassination of Khashoggi, according to a senior official cited by The New York Times.

Turkish officials have said that a 15-person team flew from Saudi Arabia into Istanbul on the day Khashoggi entered the consulate, and they have provided information about two private planes that, they say, were involved in the transit of these Saudis. Aviation data analyzed by CNN backs up evidence of the planes' arrival in Istanbul.

Trump said Wednesday that he's been in touch with the "highest levels" of the Saudi government about Khashoggi's case and expressed concerns about his possible murder. He said his administration was pressing the Saudi government to reveal more about the incident.

"We're demanding everything. We want to see what's going on here. It's a bad situation," Trump said in the Oval Office.

But he stopped short of saying whether he believed the Saudis have knowledge about his whereabouts, or may have played a role in his disappearance, stating that not enough was known to make a determination.

Senators' letter

The letter sent to Trump by the bipartisan group of senators increases the pressure on the administration to act. It gives the White House 120 days to "determine whether a foreign person is responsible for an extrajudicial killing, torture, or other gross violation of internationally recognized human rights against an individual exercising freedom of expression" and to report back to the Foreign Relations Committee with a decision on how it plans to act.

It specifically asks the President to make a determination in relation to Khashoggi.

Prior to the letter's release, senators were given access to a two-page classified report on Khashoggi, according to a Senate aide. "The intelligence reports are very direct, very short and give further credence to the fact that the focus needs to be on Saudi Arabia right now," Corker said.

Members of the Gang of Eight are being briefed in more detail: House Intelligence ranking Democrat Rep. Adam Schiff said he had been briefed on the matter, and Senate Intelligence ranking Democrat Mark Warner said he expected a briefing later.

One-fifth of the Senate — all members of the Senate Foreign Relations Committee besides Sen. Rand Paul — signed the letter.

"The entire Senate Foreign Relations Committee, sans Rand Paul, and the relevant appropriators all agreed to sign this request. The administration would be foolish not to follow the law here by rejecting their request," one Senate aide told CNN.

Asked if the letter puts pressure on the Trump administration, Corker responded, "Oh it does, of course."

"It's not intended though as a shot at them, it's intended to put in place ... it's the forcing mechanism to ensure that we use all the resources available to get the bottom of this and if in fact at the very highest levels of Saudi Arabia they have been involved in doing this, that appropriate steps will be taken to sanction them," Corker added.

Following the letter's release, Corker specifically noted that the sanctions could affect the highest levels of the Saudi regime.

"It's a very strong signal I think from the foreign relations committee. Again it's an act that we can take without passing legislation. It is a forcing mechanism. I don't look at this in any way to try to cross the bows of the administration. I don't. I do look at it certainly has a shot across the bow at Saudi Arabia and these are very serious steps," he said.

Corker also said that the administration was not given a heads up about the letter prior to its release to reporters, adding that he was unsure about how Trump might respond given his close relationship with the Saudi crown prince.

"This is a step that we are taking that we can take unilaterally that is a forcing mechanism and it does mean that in a serious way an investigation has to take place. And if in fact at the highest levels they have been involved in the murder of a journalist who just happened to write against some of the things they are doing in their country, they will be under tremendous pressure to follow this wherever it goes," he said.

The letter was also signed by Sens. Marco Rubio (R-Fla.), Ben Cardin (D-Md.), John Barrasso (R-Wyo.), Chris Murphy (D-Conn.), Jeff Flake (R-Ariz.), Tim Kaine (D-Va.), Cory Gardner (R-Colo.), Ed Markey (D-Mass.), Johnny Isakson (R-Ga.), Jeff Merkley (D-Ore.), Todd Young (R-Ind.), Jeanne Shaheen (D-NH), Rob Portman (R-Ohio), Cory Booker (D-NJ), Ron Johnson (R-Wis.), Chris Coons (D-Del.), Jim Risch (R-Idaho) and Tom Udall (D-N.M).

Read More

World's longest flight live updates: Preparing for take off

Singapore (CNN) — Spending nearly 19 hours cooped up in an airplane may sound nightmarish to some, but when Singapore Airlines flight SQ22 takes off from its home airport bound for New York, it's going to be a dream for others.

The record-breaking flight, involving a brand-new Airbus A350-900ULR (Ultra Long Range), will usher in a new era for air passengers and make the world just that bit smaller as it becomes the world's longest scheduled nonstop service.

For aviation fanatics like myself, it rarely gets more exciting.

I'm lucky enough to have a ticket for this inaugural flight and I'll be live-reporting my experiences as we depart from Singapore's Changi Airport, then fly northeast towards Alaska before landing in Newark Liberty International Airport, just outside of New York.

Take off is scheduled for 11:35 p.m. Singapore time (11:35 a.m. in New York, 4:35 p.m. in London) on Thursday October 11 and, all being well, we'll be wheels-down on the other side of the planet the following day, Friday at 6 a.m. in New York (11:00 a.m. in London, 6 p.m. Singapore).

But what will it be like to spend more than 18 hours in the air? How does the human body cope? How do the cabin crew cope? How do the airplane's bathrooms cope?

I'll be charting my observations -- good and bad -- and those of my 160 fellow passengers as we make aviation history.

Keep checking this story for live updates as we travel the 16,700 kilometers (10,376 miles) to our destination.

In the meantime, you can read more about the super-efficient aircraft we'll be flying, and the journey we'll be taking, here.

But first, a few words on what exactly is meant by the world's longest flight.

It seems so easy, but it isn't.

There are various ways to define it, with pedants arguing for hours over what it means.

Related content

17 hours in the air? World's longest airline routes

Of course there is the distance flown. Then there's the duration of the flight. Sometimes strong head winds can mean a shorter distance takes longer and vice versa.

However, we're usually safe saying the longest flights are measured when the plane is flying the Great Circle Route: the shortest distance between two points on the globe.

For instance: flying from New York to London, the plane doesn't go straight out over the ocean because that would mean flying at the wider part of the Earth's circumference.

Rather, the plane heads north, making an arc past Canada, Greenland and Iceland, and down across Ireland into London.

With that in mind, these are the commonly accepted world's longest flights:

Singapore to New York   

Singapore Airlines to reclaim world's longest airline route: On October 11, 2018, Singapore Airlines new Airbus A350-900ULR will go into service between Singapore and New York. The 19-hour trip will become the world's longest non-stop flight route.

Airbus

Previously operated by Singapore Airlines using an Airbus A340-500, this flight took 18 hours to get to Newark.

It ended up being an all-business class flight. The A340-500 is a four-engine, heavy and thirsty aircraft. When fuel prices rose to more than $100 per barrel, this flight stopped being profitable. (Remember: the longer the flight, the more fuel becomes a proportion of the cost!)

Related content

The making of the airplane seats for the world's longest flight

By 2013 Singapore Airlines took advantage of an agreement to hand back the planes to Airbus, thereby ending the route.

Now, five years later, equipped with the more fuel-efficient A350-900 Ultra Long Haul, the airline can once again fly direct from Singapore to New York and make money.

From October 11, hands-down this will be, without controversy, the longest regularly scheduled nonstop commercial flight in the world.

Perth to London

Since 1947, the journey from Australia to London has been known as The Kangaroo Route. Back then, several hops were involved -- Sydney, Darwin, Singapore, Calcutta, Karachi, Cairo, Castel Benito, Rome, London -- and took some four days to complete.

And that was considered speedy.

Related content

From 10 days to nonstop: How London to Australia flights have changed

This year Qantas did the run all in one long hop, when a Boeing 787-9 Dreamliner made the journey in just over 17 hours.

There have been other aircraft capable of this distance, like the Boeing 777-200LR, Airbus A380 and A340-500, but they are heavier planes with more seats than required. It would have been difficult to make money on this "long thin route."

Other flights in the top 10

Qantas' Sydney-Dallas using the A380, Qatar's Doha-Auckland, Emirates' Dubai-Auckland, United Airlines running San Francisco-Singapore with a 787-9.

The return of Singapore-New York will put an end to all the rivalry, at least for the moment.

By connecting these two commercial centers on opposite sides of the world, the flight is probably the final long-distance route an airline can conceive to run and remain commercially viable.

Related content

Out of the blue: A look back at Air Force One's classic design

Until Qantas' Project Sunrise comes to fruition.

The Aussie carrier has tasked both Airbus and Boeing to develop long-range aircraft capable of flying 17,000 kilometers nonstop from Sydney to London. Qantas hopes to order the revamped planes by 2019 with flights beginning in 2022.

That journey, if it happens, will clock in at around 20 hours, earning world's longest honors.

The REAL longest flight

Oh, did I say that these were the longest flights?

Because the actual longest flight, according to Guinness World Records, was a 22-hour and 42-minute flight in 2005, from Hong Kong to London.

Boeing was demonstrating the capabilities of its 777-200LR -- nicknamed the Worldliner -- so the flight went the long way round.

I was one of only 30 passengers on board -- Boeing was required to have some paying passengers to meet the criteria for beating the record.

During the nearly day-long trip, we played games, exercised, chatted with the eight pilots on board and slept on mattresses laid out at the back where the seats had been removed.

The flight took off from Hong Kong, crossed the Pacific, making landfall around Los Angeles.

From there, we flew across the United States, crossing over New York's JFK Airport before heading out over the Atlantic and landing in London to a water-cannon salute.

Now THAT was a long flight.

Read More

Teacher banned for claiming extra cash for school trips

A languages teacher has been banned from the classroom for claiming extra cash from parents for school trips, a conduct panel has concluded.

David Malengela, 41, had responsibility for organising overseas trips at St Peter's School in Huntingdon.

The disciplinary hearing was told he asked parents for additional "behaviour deposits" and charged pupils 20 euros each just to board the coach.

The panel said his actions were "calculated and deliberate".

Read more Cambridgeshire stories

The Teaching Regulation Agency's professional conduct panel was told Congolese Mr Malengela planned three residential trips for the 2017 summer term.

Between February and June 2017, the school's finance team made repeated requests for pupil numbers and money, without success.

The three-member panel was told Mr Malengela wrote to parents to say the £390 cost of a trip to Paris had gone up, citing an "additional £20 refundable behaviour deposit for the Hotel Bon-Sejour".

The tour operator was unaware of the deposit, the hearing learned, and a price increase had not been agreed by the school.

Parents were also asked for an additional payment of 20 euros "to be paid to him personally as the children boarded the coach on departure".

'Serious irregularities'

At a briefing session, he also asked families for a security deposit of 25 euros and money to attend a science museum, the panel found.

In its concluding report, the panel said a "subsequent disciplinary investigation by the school alleged serious irregularities in the administration of the trips".

Mr Malengela resigned in May 2017. The total amount of money he received was not revealed.

The panel concluded the teacher's conduct "fell short of the expected standards of the profession" and "the offence of fraud is relevant".

He was banned from teaching in any school, sixth form college or children's home in England indefinitely.

Mr Malengela has 28 days to appeal.

Read More

Hurricane Michael: Record-breaking 'hell' storm mauls US

The third-strongest storm in recorded history to hit the mainland US has battered north-west Florida, flooding beach towns and snapping trees.

Hurricane Michael made landfall on Wednesday afternoon as a category four storm with 155mph (250km/h) winds in the state's Panhandle region.

Two people, including a child, were killed by falling trees, officials say.

The storm left nearly 500,000 people without electricity in Florida, Alabama and Georgia, emergency services say.

Florida officials said a man was killed when he was crushed by a tree in Gadsden County.

A child died when a tree fell on a home in Seminole County, Georgia, CBS news reports.

Michael earlier reportedly killed at least 13 people as it passed through Central America: six in Honduras, four in Nicaragua and three in El Salvador.

How powerful was Michael when it hit?

Only the unnamed Labor Day hurricane, which hit Florida in 1935, and Hurricane Camille, which struck Mississippi in 1969, made landfall with greater intensity.

The Labor Day storm's barometric pressure (the lower the number, the stronger the storm) was 892 millibars and Camille's was 900, while Michael blew in with 919.

Michael was so powerful as it swept into Florida that it remained a hurricane as it moved further inland.

Its rapid intensification caught many by surprise, although the storm later weakened.

How to survive a monster storm

Are hurricanes getting worse?

A guide to the world's deadliest storms

Unusually warm waters in the Gulf of Mexico turbo-charged the storm from a tropical depression on Sunday.

Only on Tuesday it was a category two hurricane but by Wednesday morning it had reached borderline category five, the highest level.

More than 370,000 people in Florida were ordered to evacuate, but officials believe many ignored the warning.

What happened in Florida?

The hurricane made landfall near Mexico Beach, Florida, at around 14:00 (18:00 GMT) on Wednesday, according to the NHC.

The coastal city of Apalachicola reported a storm surge of nearly 8ft (2.5m).

Read More

Joe Biden hasn't ruled 2020 presidential run out – or in

Former Vice President Joe Biden announced that he has no plans to run for president in 2020 “at this point.” Veuer's Natasha Abellard has the story. Buzz60

LONDON – Former Vice President Joe Biden insisted Wednesday that he had not decided whether to challenge Donald Trump for the presidency in 2020.

"I am not a candidate at this point," Biden told USA TODAY after a speech at Chatham House, a London-based global affairs think tank.

Biden passed on an opportunity to run for president after the death of his 46-year-old son, Beau, from cancer in 2015. His name emerged at the top of lists of potential Democratic contenders for president in 2020, along with former New York City Mayor Michael Bloomberg and Sens. Cory Booker, Kamala Harris and Kirsten Gillibrand. 

In London, Biden said he was not planning to run against Trump. But he didn't rule it out, saying he "had not made any decisions at this point." Biden has said he would decide by January whether to run.

A Morning Consult-Politico poll over the summer concluded that Biden would beat Trump in a hypothetical matchup in the 2020 presidential election.

Biden predicted in London that the Democratic Party would win control of the House of Representatives and the Senate in next month’s midterm elections, a contest he characterized as "a battle for the soul of America."

"I predict to you that the Democrats will win 40 seats in the House. I also think there is a better than even chance we win the Senate," he said in a Q&A after his address. In a wide-ranging address that covered the United States' "special relationship" with the United Kingdom, as well as the encroaching threats of a more geopolitically assertive China and Russia, Biden said the world was at a "crossroads of competing values," and  "looking inward, turning inward has never, ever worked for us before."

Though Biden did not mention Trump by name, he said a "siren call of phony nationalism" challenges "seven decades of the U.S. underwriting global security" as certain political actors treat "alliances like protection rackets."

Trump has exited or upended trade pacts, withdrawn from the Iran nuclear agreement, abandoned the Paris climate change accord and exacerbated tensions with European Union and North Atlantic Treaty Organization (NATO) allies. 

“Open societies are not self-sustaining,” Biden said. “The system requires constant maintenance.” He said  the world is at an “inflection point” and there is a "contest for the future."  "I have never seen Europe so uncertain and the U.S. in so much doubt," Biden said, referring to Britain's impending departure from the 28-nation EU political bloc, the rise of populist, right-wing governments across the region and intense cultural and political wars at home that span the economy, courts, immigration and gender relations.

Read More