Part 1: Security Threats
A Facebook data breach revealed more than 530 million individuals’ personal information to hackers. This included the date of birth, user’s name, current city, and posts made on their wall. The exposure was discovered in 2021 even though it existed since 2019.
This breach happened when cybercriminals scraped data from Facebook’s servers using a misconfiguration in their contact importer. As a result, they could gain access to the personal information of millions of people.
According to (Vojtko How to prevent security misconfiguration) “The most common mistakes that lead to security misconfiguration are: Unnecessary ports being left open, Unneeded services permitted to run, Leftover pages still available to access, and Unused accounts with certain privileges not being deleted.”
By not removing these things you are leaving the application open to attacks. A couple of things we can do to prevent Security Misconfiguration are: Remove unused features, Disable the use of default accounts and passwords, and Limit access to administrator interfaces.
Part 2: Mobile devices
A desktop computer is more physically secure than laptops, smartphones, and tablets because it is often kept in one location, making it easier to protect. Desktop’s access to internet usually comes from a single source, which help to fight malware easier.
Each one of these items have different practices when it comes to secure your device, these are a few ones that they have in common:
Always run updates, avoid public or suspicious Wi-Fi, enable remote lock, enable user authentication, turn off device when not in use, and restrict physical access to device.
I’m already implementing a few security practices on my mobile device to protect it from being hacked. For example, I try to avoid social media apps as much as possible ( I do not have Facebook, Twitter, Tik Tok). Instagram is the only social media platform I have, and I always try to share as less information about myself as possible.
Another practice I use is to always download files from a trustworthy source or page.
Vojtko, Mark. “How to Prevent Security Misconfiguration.” Hashed Out by The SSL Store, 28 Dec. 2020, https://www.thesslstore.com/blog/how-to-prevent-security-misconfiguration/.