Social Media News, Articles and Updates

Syrian 'Electronic Army' - two indicted for spear phishing & defacement

US prosecutors filed an indictment for two alleged Syrian Electronic Army hacktivists who are accused of compromising news media websites and social media accounts to spread propaganda supporting Bashar al-Assad.

Blockchain alone can't solve the Facebook problem

Internet users need a new kind of data permission system. Anything published on blockchain can be read by anyone, anywhere. That's kind of the whole point of it. So a new internet technology layer is needed to run on top of it.

NigelThorn malware mines for cryptocurrency and steals Facebook credentials

Malware spreads across social network. Malware that installs scripts to mine cryptocurrency and steal Facebook credentials has been discovered on the social network, according to security researchers.

LinkedIn Autofill flaw lets hackers harvest website visitors' personal info

If the visitor clicks anywhere on the page, then according to Cable, "LinkedIn interprets this as the AutoFill button being pressed, and sends the information via postMessage to the malicious site".

Trackers exploit 'login with Facebook' feature to gather & share user data

Web trackers like Bandsintown are exploiting the "Login with Facebook" feature to gain access to data from the social media firm's users, according a report by security researchers at the Freedom to Tinker blog.

Social media aggregator LocalBlox leaves 48m records in the cloud exposed

In the wake of the Facebook- CA scandal, social media data aggregation firm LocalBlox left an AWS bucket misconfigured revealing 48 million records gleaned from publicly available data on Facebook, LinkedIn and Twitter.

Is opting out of social media viable to cut security vulnerabilities?

UK pub major JD Wetherspoon has decided its bars are social enough without needing online social media, shutting its social media accounts, stating that they do not work, plus usage of social media entailed misuse of personal data.

Should LinkedIn follow Facebook's lead in data restriction controls?

Facebook's recent announcement to update its data restriction policies has prompted some researchers to examine other social media platforms to review their data practices as well.

Hackers still exploiting the human factor to carry out ransomware attacks

Nearly 70 percent of successful ransomware attacks in 2017 were the result of hackers gaining access to enterprise networks by phishing via email or social media network.

Nearly 1/3 of tech workers will delete Facebook accounts amid scandal, study

Amid the recent Facebook scandal, a new study found 31 percent of tech workers said they will delete their accounts on the popular social media platform.

Upright and under cover; getting your own hacker beats letting outsiders in

A social engineer will start by gathering Open Source Intelligence (OSINT) and the sleuthing continues using social media, finally giving the company an overview of their security posture without losing any of the data taken on the job.

Phishing via social media up 100 percent, now a preferred vector

The most interesting trend to surface in Q4 of RiskIQ's phishing report was a 100 percent increase in phishing campaigns leveraging social media platforms, accounting for 20 percent of the top-ten most phished brands.

US Senator says Facebook should clean up bots or face fines

Concerning the US FBI's investigation into Russian influence on the 2016 US election, Senator Amy Klobuchar said social media companies should be fined if they can't get rid of bots on their platforms.

Social media and engineering used to spread Tempted Cedar Spyware

Cyber-criminals are using social media and social engineering to dupe victims into downloading Advance Persistent Threat spyware disguised as the Kik messenger app.

Misconfigured Amazon Web Services bucket exposes 12,000 social influencers

Another misconfigured Amazon Web Services (AWS) S3 cloud storage bucket has been left insecure this time exposing the sensitive data of 12,000 social media influencers, most of whom were female.

New whaling and phishing techniques include weaponising Google Docs

Phishing from G-suite users: a weaponised Google spreadsheet hosted on G-Suite opens a remote HTML page which mimics the Google sign-in process and gives the impression that the victim needs to re-authenticate.

GhostTeam adware seeks to steal Facebook credentials

Vietnamese adware dubbed "GhostTeam" was found hiding in 53 Google Play apps disguised as utility apps, device performance boosting apps, and social media downloaders.

Terdot banking trojan targets social media, email & financial services

Saying that Terdot malware is a banking trojan is kind of like saying your computer is a giant calculator. Yes, that's essentially what it is, but it's also a whole lot more.

Former internet troll reveals secrets of Russia's Internet Research Agency

A former insider at Russia's Internet Research Agency (IRA) has divulged details on the online troll factory's operations, stating that he "absolutely" believes the organisation is connected to the Kremlin.

Social Media - the privileged account no one talks about

Companies seem to be slow to realise that their Twitter, Facebook or LinkedIn accounts and passwords require exactly the same protection as any of their high-risk or high-value internal systems says Jackson Shaw.

Russian anti-privacy laws go into effect - Facebook to be blocked

Russia's anti-privacy laws began taking effect 1 October - with another deadline on 1 November - just as the country pledged to block Facebook if the company refuses to store Russian citizens' data on Russian servers.

End users plus social media can add up to a corporate data breach

People are the last line of defence in your organisation's security infrastructure, yet half the population are ignorant of ransomware, and many don't understand phishing, but trust that social media security is high says Colin McTrusty.

Government again takes aim at encryption after terrorists shake London

UK Prime Minister Theresa May says that technology companies are providing a "safe space" for terrorists.

New social media site Mastodon potential cyber-security tar pit

A new social network named Mastodon popped up a few months ago that is designed to deliver a decentralised, open-source experience, but its unique structure may make its members vulnerable to cyber-attacks.

Met Police: Quarter of cyber-crimes solved, GDPR could be the next PPI

Search engines are the biggest aider and abetter of cyber-crime, according to the head of the Metropolitan Police Cyber Crime Unit, speaking at a breakfast briefing last week.

Amber Rudd renews call for intelligence services to break encryption

Despite many in the tech industry saying it won't work, home secretary Amber Rudd would like to persuade tech giants such as WhatsApp to break encryption for the intelligence services.

Facebook spam caught delivering Locky ransomware

Over the weekend two security researchers spotted a Facebook spam campaign delivering Nemucod as well as Locky ransomware

Russian anti-terrorism law allows security firms to hack Facebook Messenger, Skype, WhatsApp

A recently passed Russian law has given that country's security firms the green light to crack encrypted communications services.

WordPress update fixes XSS issues

Bloggers using the WordPress platform are "strongly encouraged" to update their sites immediately to address persistent XSS issues.

Online trolls: what's all the fuss?

As Scotland Yard prepares to open an anti-trolling squad, Roi Perez examines whether or not this is perhaps a misguided use of government funds.