Social Media

Access Control, Cryptocurrency, Cybercrime, Insider Threats, Network Security, Security News, Web Services Security, E-Commerce Security

Twitter hack is a reminder of the dangers of unfettered employee access

By

Bradley Barth

July 16, 2020

Twitter’s acknowledgement that a “coordinated social engineering campaign” involving multiple employees was behind a hack of prominent verified accounts raises significant questions as to whether business organizations are implementing effective security controls that limit potential insider threats’ access to back-end administrative tools. The hacking incident — which promoted a cryptocurrency scam and victimized the accounts…

APTs/cyberespionage, Cybercrime, Malware, Phishing, Security News

Cyber snoops targeted aerospace, defense employees with fake job offers on LinkedIn

By

Bradley Barth

June 17, 2020

A cyber espionage operation used fake job offers, sent via LinkedIn messages, to target employees at aerospace and military companies in Europe and the Middle East late last year, researchers from ESET have reported. The highly targeted campaign — dubbed Operation In(ter)ception (an allusion to one malware sample’s file name) — took place from September…

Coronavirus

P2P payment apps, users urged to curb COVID-19 advance fee fraud

By

Bradley Barth

May 14, 2020

Fraudsters posing as celebrities, philanthropists and do-gooders offering financial aid to everyday people struggling due to the COVID-19 epidemic are running scams on users of peer-to-peer payment applications such as Cash App and Venmo, but financial service providers and consumers can reduce the risk of becoming victims by implementing a few security measures. Satnam Narang,…

Cybercrime, Security News

Hacker hijacks Milwaukee Bucks star’s Twitter account, posts offensive trash talk

By

Bradley Barth

May 8, 2020

A malicious hacker reportedly hijacked the Twitter account of NBA star forward Giannis Antetokounmpo and riddled it with disparaging and offensive fake tweets about current and former players. The fake tweets used expletives and a racial slur, and even targeted L.A. Lakers legend Kobe Bryant, who tragically died in a helicopter crash earlier this year.…

Security News, Vulnerabilities

900,000 WordPress sites attacked via XSS vulnerabilities

By

Doug Olenick

May 6, 2020

Nearly 1 million WordPress sites are being hit by what is likely a single threat actor attempting to inject a redirect into the sites by exploiting a cross site scripting vulnerability. The attacks were discovered by the WordFence Threat Intelligence Team, which noted that since April 28 the number of XSS attacks has been 30…

Cybercrime, Data Breach, Security News

Details on 267M Facebook users sold for cheap on dark web

By

Bradley Barth

April 22, 2020

A cybercriminal actor on the dark web has made available a dataset of Facebook accounts belonging to 267 million users, recently selling the collective lot to researchers for 500 Euros. User data includes one’s email address, first and last names, phone number, Facebook ID, last connection, status and age, according to a blog post report…

Privacy & Compliance News and Analysis, Security News

Twitter changing safety guidelines regarding COVID-19 posts

By

Doug Olenick

March 19, 2020

Twitter has released new content guidelines regarding tweets that may help spread Coronavirus that will hunt down those that misinform the public, in much the same way the company is trying to protect elections. The company will now remove content that hinders people in some manner from seeking out the proper care for the virus…

Privacy & Compliance News and Analysis, Security News

Twitter goes after Baby Peanut, API threat

By

Doug Olenick

February 4, 2020

Two organizations attempted to manipulate Twitter to their benefit over the last few months, one was potentially a nation-sponsored actor. The other was a peanut by comparison. The more serious case was revealed by Twitter on February 3 when it reported it had shut down an attempt by a possible nation-state actor to exploit an…

Legal, Legal, Privacy & Compliance News and Analysis, Security News

Lawyers: Facebook is prepared to pay $550M to settle facial recognition lawsuit

By

Bradley Barth

January 30, 2020

Facebook has agreed to set aside $550 million to settle a class-action lawsuit brought by users who allege the social media company violated the Illinois Biometric Information Privacy Act (BIPA), attorneys for the plaintiffs announced on Wednesday. San Francisco Federal District Court Judge James Donato must still approve the settlement, which the lawyers claim is…

Cybercrime, Password management, Security News

OurMine hackers intercept NFL teams’ social media accounts

By

Bradley Barth

January 28, 2020

Over a dozen NFL teams may want to consider hiring a cyber defensive coordinator after their Twitter, Instagram and Facebook accounts were reportedly hijacked and defaced on Sunday and Monday by the mischievous OurMine hacker group, which has emerged from hibernation. According to multiple news sources, the hackers compromised the NFL’s league Twitter and Facebook…

MOST POPULAR