Considering a number of high-profile companies have fallen victim to Twitter account hijacks, prompting the service to install additional protections, a bizarre string of tweets sent by Chipotle Mexican Grill's account on Sunday appeared to fit the pattern of a hack.
The U.K. researcher "fin1te" discovered that through the "Mobile Texts" set-up process, he is able to become a different user by making a simple source code alteration.
Facebook was made aware of the glitch through its bug bounty program, where researchers receive monetary rewards for reporting flaws to the company.
Malicious activity on the anonymity software's network tripped Facebook's "site integrity systems."
The security company apologized for the mistake and said occurrences of the social networking worm are not rising, and actually continue to diminish.
Following a series of high-profile Twitter account hijacks, the microblogging service finally has delivered two-factor authentication.
Scammers use a click-the-pic ruse to redirect users to the Blackhole exploit kit
Facebook announced this week that it is donating $250,000 to the Center for Information Assurance and Joint Forensics Research at the University of Alabama at Birmingham (UAB).
The personally identifiable information found on social networks are a gateway for hackers to get access to the heart of the information they truly desire.
Discovered earlier this year, Mahdi isn't particularly sophisticated malware, but is effective due to redevelopment efforts by attackers. And now it's targeting people with connections to the United States.
Facebook has agreed to settle privacy charges lodged by the Federal Trade Commission. The social networking giant, among other things, is required to undergo biennial privacy audits.
Facebook this week announced a new "malware checkpoint" capability through which users who believe their accounts have been infected can test them against one of two anti-virus products.
For the first time in nearly a year, Twitter suffered a prolonged outage Thursday, leaving its 140 million active monthly users without micro-blogging capabilities.
Business-networking site LinkedIn is looking into the possibility of a data breach which may have led to the theft of nearly 6.5 million user passwords.
Sites such as Facebook and Twitter contain seemingly infinite amounts of personal data, so it's no wonder criminals have turned their focus there. But social media providers and end-users can protect themselves.
Perhaps Facebook users are beginning to expect more consideration from their friends on social networks.
Twitter on Thursday filed a lawsuit against five entities that allegedly provide tools so spammers can tweet unwanted links to legitimate users.
The FTC seemed most upset with RockYou's failure to protect the personal information of 179,000 children who registered to use the site.
And so it begins. The all-the-rage virtual pinboard Pinterest is the latest social networking darling to draw the fancy of cyber swindlers.
Facebook users in Europe experienced a two-hour blackout that the company describes as "technical difficulties."
Facebook and the state of Washington have filed separate lawsuits against Adscend Media, alleging the company was responsible for spreading malware and for stealing personal information from Facebook users.
Twitter, a hotbed of malware due to its extreme popularity, has made one of its first-ever security acquisitions with the purchase of Dasient.
A new variant of the Ramnit virus harvested the login credentials of more than 45,000 Facebook users worldwide, according to researchers.
Variants of the Zeus trojan are being used in new Facebook and banking heists, security researchers and law enforcement are warning.
The Federal Trade Commission has come down hard on Facebook over allegations of "unfair and deceptive" privacy promises, and the social networking behemoth has responded by admitting to its mistakes and appointing two new privacy heads.
Twitter has acquired a start-up that makes security and management solutions for Android devices.
Cyber Monday, the digital equivalent of the brick-and-mortar world's Black Friday, is one of the busiest online shopping days of the year, and typically marks the beginning of a month-long period of increased online threats.
The social media giant is "pursuing the appropriate action" against those behind a wave of pornographic content that showed up on users' news feeds this week.
Facebook on Thursday introduced two new security features to help users better protect their accounts. The first is the ability to create unique passwords for each application a user accesses. (Normally they only need to enter in their standard Facebook credentials). The new capability allows members to create a password, which they won't have to remember each time they login to the app, by visiting Account Settings>Security>App Passwords. Meanwhile, the "Trusted Friends" feature allows a user to select three to five trusted individuals to serve as custodians of codes that can be used to access one's account if he or she is ever locked out.
Researchers have discovered a way to evade Facebook security controls to deliver a message that could come outfitted with a malicious attachment.
Sign up to our newsletters
SC Magazine Articles
- Microsoft report explores dangers of running expired security software
- Survey: real-time SIEM solutions help orgs detect attacks within minutes
- Vulnerabilities identified in three Advantech products
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- State Department hack may be tied to White House network breach
- Operators disable firewall features to increase network performance, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Upping the ante: PCI Security Standard
- Study: Third of employees use company devices for social media and online shopping
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Swedish appeals court nixes Assange's plea
- Critical XSS vulnerability addressed in WordPress
- The Internet of Things (IoT) will fail if security has no context