www.fgks.org   »   [go: up one dir, main page]

 Social Networks

Stuxnet's persistent legacy: Cybersecurity is blended security

Charles Jeter, ESET cybercrime investigator December 09, 2010

Were cybersecurity and Stuxnet involved with Iranian Prof. Shahriari's recent assassination? What are the game-changing physical security considerations for chief information officers?
 

Social networks: Criminal enterprise, Pt. 2

Charles Jeter, ESET cybercrime investigator December 01, 2010

Some low level criminal networks have profiles in everyday social networks. Would researching these profiles during cyber intrusion research risk tipping off the bad guys?
 

Scammers ready to pounce on Cyber Monday deal-hunters

Angela Moscaritolo November 23, 2010

Social networking sites and search engines are expected to be hit hard as cybercriminals try to wrangle in unsuspecting holiday shoppers.
 

New malicious email campaign targets Facebook users

Dan Kaplan November 19, 2010

A large wave of malicious emails claiming to come from Facebook began hitting inboxes this morning, according to researchers at messaging security firm AppRiver. The emails contain the subject line "Facebook Support" and purport to be from "Facebook office." Recipients are told their Facebook accounts have been blocked due to spam activity and they must use a new password, which is included in an attachment. However, the attachment actually contains a variant of the Oficla downloader, which has been known to install rogue anti-virus programs and the Zeus trojan. AppRiver has detected more than 100,000 of the messages. - DK
 

Firefox add-on allows session hijacking of popular sites

Angela Moscaritolo October 26, 2010

A computer researcher has released a plug-in for the Firefox web browser that lets anyone scan open Wi-Fi networks and hijack, for example, Twitter and Facebook accounts.
 

Twitter recovers after second worm attack in a week

Dan Kaplan September 27, 2010

Twitter is cleaning up from another fast-spreading worm that forced users to tweet out a graphic message.
 

Twitter hole patched

September 22, 2010

A flaw allowing JavaScript code to appear in tweets was plugged Wednesday morning by engineers at Twitter.com. The far-ranging cross-site scripting attack, which reportedly originated as a harmless, proof-of-concept attack by an Australian teenager, was estimated to affect more than 500,000 users of the social network site. The attacks exploited a common JavaScript feature, onmouseover, that allows programmers to create discrete actions when users move their mouse cursor over an area of a web page. The worm allowed attackers to infect a user's account, as well as those of their followers. - GM
 

Twitter fixes XSS flaw after being exploited

Angela Moscaritolo September 08, 2010

Cybercriminals this week took advantage of a cross-site scripting vulnerability on Twitter that since has been fixed, according to security researchers
 

Facebook unveils new logout capability

Dan Kaplan September 03, 2010

Facebook on Thursday announced the launch of a new security feature that allows members to log out of any active sessions from a central control. The function is aimed at users who may have accidentally remained logged in when using a computer or mobile device that wasn't their own. However, according to a Facebook Security blog post, the feature also can be used to sign off individuals who may have gained unauthorized access to an account. The new tool complements a feature announced in May that allows users to approve the devices that can access their accounts. — DK
 

Spammers inundate Apple's new social media service Ping

Angela Moscaritolo September 03, 2010

Apple's new social media service Ping already is being abused by spammers, security experts are warning.
 

Fake TweetDeck update on Twitter leads to trojan

Angela Moscaritolo August 31, 2010

Attackers took to Twitter on Monday to spread malware via links pointing to what they claimed was an update to the popular microblogging client TweetDeck.
 

Facebook "dislike" button scam spreading

Angela Moscaritolo August 16, 2010

The latest scam to hit Facebook is trying to trick users into spreading spam with the offer of a "dislike" button, Graham Cluley, senior technology consultant at anti-virus firm Sophos, said in a blog post Monday. Many users have been clamoring for such a capability, as they could use the button to give a thumbs-down to other posts, links or uploads of which they are not fond. A "like" button already exists. The scam entices users to click on a link and install a rogue Facebook application, Cluley said. If the app is given permission to run, it posts spam messages from the user's account and prompts them to complete an online survey that makes money for the perpetrators. — AM
 

Facebook fixes bug that spammers could have used

Angela Moscaritolo August 12, 2010

Facebook this week fixed a privacy glitch on its website that could have been abused to obtain a user's full name and photo by entering an incorrect password, a researcher said Wednesday.
 

Cybersecurity mythbusting: Book smart vs. street smart, Part 1

Charles Jeter, ESET cybercrime investigator August 03, 2010

What happens when it comes to recognizing computer crimes and scams which cost much more than pocket change?
 

Facebook detail harvest not security issue

Dan Raywood July 30, 2010

A security consultant said that he collected and published the names of one fifth of Facebook's global user base as part of his work on a security tool.
 

Embracing the social network

Rick Tracy, CTO and CSO, Telos Corp. July 01, 2010

Social networks must be adopted in the enterprise...with precautions, says Rick Tracy.
 

FTC forces Twitter to upgrade its IT security program

Dan Kaplan June 24, 2010

Twitter becomes the first social networking site to settle with the Federal Trade Commission over charges of broken data security.
 

Researcher demonstrates Twitter XSS vulnerability

Angela Moscaritolo June 24, 2010

A Twitter user has demonstrated a cross-site scripting (XSS) vulnerability on the microblogging platform that could allow an attacker to take over users' accounts or spread malware.
 

Laughing at adversity in security

Lysa Myers, director of research, West Coast Labs June 11, 2010

The author concludes her look at the "Five Stages of Employment" on a happy note by breaking down the things about information security that make her chuckle.
 

Scores of spoofed YouTube pages lead to malware

Angela Moscaritolo June 09, 2010

Malicious pages, numbering more than 700,000 as of Wednesday, claim to contain a must-see YouTube video associated with the Gulf oil spill, NBA Playoffs, Harry Potter and other popular topics.
 

Walking the tightrope: social media and data protection in the enterprise

Mark Menke, chief technology officer, Code Green Networks June 03, 2010

Organizations may want to second-guess a more restrictive strategy on website access and settle on a more pragmatic approach.
 

User-friendly Facebook privacy settings to arrive

Dan Kaplan May 25, 2010

Beginning Wednesday, Facebook is planning to overhaul its oft-maligned privacy settings, blog TechCrunch reported Tuesday. Speaking at a TechCrunch event in New York, Chris Cox, director of product for Facebook, said the new controls would be simpler, but offered no other details. The announcement comes as Facebook deals with significant criticism for its recently announced "Instant Personalization" and "social plug-in" features, which automatically opt in users to share data with some third-party websites in an effort to make their total web experience a more sociable one. Facebook's founder over the weekend reportedly admitted the company has made mistakes regarding privacy. — DK
 

Facebook seals shut CSRF vulnerability

Dan Kaplan May 18, 2010

Facebook has plugged a cross-site request forgery (CSRF) vulnerability that could have allowed attackers to alter privacy settings and deface profiles on the behalf of unwitting users, according to a security advisory released Monday by network security firm Alert Logic. The "critical" bug could had been exploited by bypassing Facebook's anti-CSRF controls and tricking a logged-in user to click on a malicious link. The vulnerability, discovered by M.J. Keith, senior security analyst at Alert Logic, was reported to Facebook on May 11 and patched Monday. The flaw appears to never have been publicly known. — DK
 

"Sexiest video" scam preys on Facebook users

Angela Moscaritolo May 17, 2010

Researchers over the weekend discovered a new Facebook adware campaign that quickly was disabled.
 

Tool lets Twitter be used to control botnet

Dan Kaplan May 14, 2010

Researchers have discovered a simple-to-use program that can be used to send botnet commands from Twitter.
 

Privacy and security concerns aside, you're OK in my book, Facebook

Dan Kaplan May 14, 2010

When I typed "How do I" into Google today, the first auto response to show was "How do I delete my Facebook account?" "Whaaat?" was my first reaction. After all, this is the most popular website in the world. Why would anyone want to leave it?
 

Facebook shuts off chat feature to work on privacy glitch

Dan Kaplan May 05, 2010

Facebook, already under fire for privacy policy changes it recently made, rushed a fix on Wednesday for a glitch that could permit users to view live chat sessions of their friends.
 

FTC working on new privacy guidelines

Angela Moscaritolo April 28, 2010

By the end of the summer, the FTC hopes to release a set of "guiding principles" outlining how businesses should handle certain privacy issues.
 

Blippy to hire CSO, conduct audits after credit card breach

Dan Kaplan April 26, 2010

Blippy, a social networking website on which users can share details of their purchases, is responding to a recently announced breach by investing in an IT security program.
 

1.5 million stolen Facebook accounts up for grabs

Angela Moscaritolo April 23, 2010

Researchers at VeriSign's iDefense have discovered a single hacker selling 1.5 million stolen Facebook account credentials on an underground market. The stolen credentials were put up for sale by a hacker with the handle "kirllos" who is believed to be from Eastern Europe. The hacker is selling batches of 1,000 accounts with 10 Facebook "friends" for $25 and 1,000 accounts with more than 10 "friends" for up to $45. It is estimated that 700,000 accounts have already been purchased. Compromised Facebook accounts can be used by cybercriminals to spread malware, send spam or attempt to defraud a user's "friends." — AM
 

Latest News


Popular Topics
Breaches & Exposures Browser Flaws Browsers And Security Cyber Attacks Cyber War Cybercrime Cyberwarfare Data Breaches DDoS Education Government Hackers Insider Threat Nation State Non-Microsoft Patches Password Management Patch Management Patch Tuesday Privacy Social Networking Spam Stuxnet Vulnerabilities & Flaws Vulnerability Disclosure Website Compromises