Social Media News, Articles and Updates

Upright and under cover; getting your own hacker beats letting outsiders in

A social engineer will start by gathering Open Source Intelligence (OSINT) and the sleuthing continues using social media, finally giving the company an overview of their security posture without losing any of the data taken on the job.

Phishing via social media up 100 percent, now a preferred vector

The most interesting trend to surface in Q4 of RiskIQ's phishing report was a 100 percent increase in phishing campaigns leveraging social media platforms, accounting for 20 percent of the top-ten most phished brands.

US Senator says Facebook should clean up bots or face fines

Concerning the US FBI's investigation into Russian influence on the 2016 US election, Senator Amy Klobuchar said social media companies should be fined if they can't get rid of bots on their platforms.

Social media and engineering used to spread Tempted Cedar Spyware

Cyber-criminals are using social media and social engineering to dupe victims into downloading Advance Persistent Threat spyware disguised as the Kik messenger app.

Misconfigured Amazon Web Services bucket exposes 12,000 social influencers

Another misconfigured Amazon Web Services (AWS) S3 cloud storage bucket has been left insecure this time exposing the sensitive data of 12,000 social media influencers, most of whom were female.

New whaling and phishing techniques include weaponising Google Docs

Phishing from G-suite users: a weaponised Google spreadsheet hosted on G-Suite opens a remote HTML page which mimics the Google sign-in process and gives the impression that the victim needs to re-authenticate.

GhostTeam adware seeks to steal Facebook credentials

Vietnamese adware dubbed "GhostTeam" was found hiding in 53 Google Play apps disguised as utility apps, device performance boosting apps, and social media downloaders.

Terdot banking trojan targets social media, email & financial services

Saying that Terdot malware is a banking trojan is kind of like saying your computer is a giant calculator. Yes, that's essentially what it is, but it's also a whole lot more.

Former internet troll reveals secrets of Russia's Internet Research Agency

A former insider at Russia's Internet Research Agency (IRA) has divulged details on the online troll factory's operations, stating that he "absolutely" believes the organisation is connected to the Kremlin.

Social Media - the privileged account no one talks about

Companies seem to be slow to realise that their Twitter, Facebook or LinkedIn accounts and passwords require exactly the same protection as any of their high-risk or high-value internal systems says Jackson Shaw.

Russian anti-privacy laws go into effect - Facebook to be blocked

Russia's anti-privacy laws began taking effect 1 October - with another deadline on 1 November - just as the country pledged to block Facebook if the company refuses to store Russian citizens' data on Russian servers.

End users plus social media can add up to a corporate data breach

People are the last line of defence in your organisation's security infrastructure, yet half the population are ignorant of ransomware, and many don't understand phishing, but trust that social media security is high says Colin McTrusty.

Government again takes aim at encryption after terrorists shake London

UK Prime Minister Theresa May says that technology companies are providing a "safe space" for terrorists.

New social media site Mastodon potential cyber-security tar pit

A new social network named Mastodon popped up a few months ago that is designed to deliver a decentralised, open-source experience, but its unique structure may make its members vulnerable to cyber-attacks.

Met Police: Quarter of cyber-crimes solved, GDPR could be the next PPI

Search engines are the biggest aider and abetter of cyber-crime, according to the head of the Metropolitan Police Cyber Crime Unit, speaking at a breakfast briefing last week.

Amber Rudd renews call for intelligence services to break encryption

Despite many in the tech industry saying it won't work, home secretary Amber Rudd would like to persuade tech giants such as WhatsApp to break encryption for the intelligence services.

Facebook spam caught delivering Locky ransomware

Over the weekend two security researchers spotted a Facebook spam campaign delivering Nemucod as well as Locky ransomware

Russian anti-terrorism law allows security firms to hack Facebook Messenger, Skype, WhatsApp

A recently passed Russian law has given that country's security firms the green light to crack encrypted communications services.

WordPress update fixes XSS issues

Bloggers using the WordPress platform are "strongly encouraged" to update their sites immediately to address persistent XSS issues.

Online trolls: what's all the fuss?

As Scotland Yard prepares to open an anti-trolling squad, Roi Perez examines whether or not this is perhaps a misguided use of government funds.

Scotland Yard setting up Twitter police task force

Scotland Yard is to setup a Twitter task force which will hunt offensive online comments, and bring those posting them to justice.

CMA cracks down on undeclared paid-for promotional tweets

The Competitions and Markets Authority has warned two companies and dozens of online personalities against tweeting paid-for promotional messages disguised as unbiased recommendations.

Russian web hub offering stolen goods and exploit services, report

A robust underground marketplace for the sale of stolen products from compromised accounts as well as shady online services has been detected in Russia.

UK testing social media logins for authentication

To enhance the use of its web portal,, the UK government is testing the use of its subscribers' social media logins as an authentication method.

Identity fraud up by over half - biggest rises in London, Manchester

Identity fraud shot up by 57 percent in 2015 and eclipsed all other types, according to new research by anti-fraud company Cifas.

10,000 Facebook users infected by malware

A message seeming to come from a Facebook friend was instead a source of malware that ensnared 10,000 users.

Email attacks targeting online networkers, says Intel's Samani

Raj Samani, CTO EMEA of Intel Security, has warned of the risks of employees networking online. As social networking sites contain a wealth of information on an organisation, they can be a treasure trove for criminals wanting to carry out email-based attacks.

ISIS radicalises 'lone wolves' through strong social media presence

The recent tragedy at the Orlando nightclub has perhaps given new meaning to a report by ICIT on how radical groups like IS use social media to radicalise potential recruits

ISIS warns members of fake apps aimed at spying on terrorist group

Tech-savvy ISIS sent out an alert that an unknown source has released fake Android apps that the terrorist group fears may be used to spy on them.

Alleged LinkedIn, Tumblr and Myspace hacker compromised 171M Russian site accounts

A hacker that has targeted several American social media sites has now hit the Russian version of Facebook