Welcome to this week's security bulletin!

Have you ever felt stalked by Facebook? Well, I do! Whenever I search for a beautiful dress or a shoe in any shopping apps or Google and then open Facebook, there it is showing various similar products in my newsfeed! Sometimes I think it is wonderful because Facebook makes my life easier by suggesting things like a friend. But when I think about it more, it's not right to interfere in someone's privacy.

The behavioral data generated from our online activity is shared between advertising companies and that's how they can suggest you more suitable products. You may have heard about Facebook Exchange (FBX)  a platform that enables advertisers to publish their ads on the Facebook sidebar or users’ timelines. However, in 2016 Facebook decided to shut FBX as this platform had stopped to meet the market expectations. Since 2016, advertisers can make use of different tools like for instance Dynamic Ads. This solution lets advertisers promote their products on Facebook and find the right audience. This is why you get targeted ads on your Facebook.

After being criticized over privacy and data breach, Facebook has introduced a new feature "Off-Facebook Activity" which gives users more control over the data being shared. This tool offers the user an ability to clear summary of information acquired by Facebook from other apps or websites.

To review your off-Facebook activity:

  1. Click 'down-arrow' at the top right of Facebook and click Settings.
  2. Click Your Facebook Information at the left column.
  3. Click Off-Facebook Activity to review. From here, you can also click Manage Your Off-Facebook Activity for more information. You'll be asked to re-enter your password.

But, this feature doesn’t allow you to remove browsing information from Facebook servers, instead it simply dissociates the user's Facebook account and collected data. Also, it may cause logging out from certain websites you have accessed using Facebook account.

Trello is a task management application that allows you to create, assign and follow up tasks that improve productivity. A Trello board is a list of lists, filled with cards, used by you and your team and each card is a task. A security issue is found out in Trello that if you forget to set your board 'private' then, it will be indexed by Google and will be available to the public.

Imagine that you have created a Trello task to upgrade a server and you put a lot of server information to make the task easier. If the board is public, the whole world can see it and you know it affects security. Many Trello boards were leaked and available on the Internet like this. Therefore, If you are using Trello, please make sure that your boards are private and if any of your data is leaked, please contact Google to remove the content.