|
Twitter Users Victims of Two-Phase Attack: Screencast
by Alex Williams |
|
It looks like Twitter users were hit by a two-phase attack over the past week, fueling expert claims that Twitter is in criminals sights as a ripe place to execute “for-profit,” attacks.
Phase 1:
>>Last week, about 13,000 Twitter users get fooled into giving up their user names and passwords. At first it appears to be a worm but after some study, experts realize Twitter users were victims of a phishing attack.
Phase 2:
>> Over the weekend, Twitter users get messages to check out “Best Video.” Video site is really the home for a malware attack. Link takes users to a PDF file riddled with exploits.
Here’s the full story:
This entry was posted on Monday, June 1st, 2009 at 4:18 PM and is filed under Community Manager. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
Comments
-
James says:
I recently spoke to someone who works for one of the world’s largest IT security companies who said they couldn’t be more thrilled about the advancement of social networking tools. The reason they are so happy? Because of all the attacks that are coming. That’s the benefit of being in a technological space where the problems you solve mutate and the nature of the space is to create new landscapes for problems to arise. The other tidbit that from this conversation that I thought was interesting and related - this company won’t use video on their site. No matter how much marketing clamors for it. How is massive security vendor going to defend you from video if they don’t even put it on their own site?
Like or Dislike:
0 
0
|
| VeriSign Homepage Redesign Live Little late in posting this but the new VeriSign.com homepage is officially live. It was made official before the new year after conducting tests to determine which of several designs was performing best. The winner was determined after examining... Secure Site Pro with EV SSL Rated 4.5 Out of 5 By PeC Here is an informative video review of one of VeriSign's SSL Certificates - Secure Site Pro with EV SSL. Conducted by Armando Roggio of the PeC Review, he explains what EV SSL is and why you need it. He also... Happy Holidays Happy holidays to everyone! Hope your New Year is a good one.... |
|
| PayPal UK Launch Security Key - Guest Posting from PayPal I am happy to say they are using VeriSign Identity Protection to deliver this, which means that PayPal Customers will be able to use their token at other sites who join the VIP network. PayPal are the first UK members of the network, but there are around 30 other members in different countries around the world so you can expect to see more places where you can use your token in the UK appearing shortly. Facebook scam - Part 2 This just in from the BBC web site, Symantec have identified a virus that steals user names and passwords, nothing new there. But, if I understand this right, it is delivered through a Facebook invitation from someone you don't know and delivers malware which can then steal user names / passwords and also keylog credit card info. Survey finds passwords are not secure - well d'uh! I don't think the vendor community has been crying wolf about the problems that stronger authentication solves, more like highlighting that this problem is here and growing. Well the discussion I have had recently with many different organisations across many different industries are now resulting in more and more consumer projects in this area |
|
| Top 10 Security "Predictions" for 2010 VeriSign has been asked to discuss the top 10 most important security areas for 2010....Although the list is far from complete, it is clear to me that there is no recession for the bad guys. In fact, it has probably never been a more interesting time to be in the security business. The inexorable convergence of cloud and security services Concerns for the security of application run in the cloud are running high. The perceived lack of security of cloud platforms is often cited as the primary obstacle to adoption. Whether "cloud" is defined as infrastructure as a service... Trust assurance in open identity networks One of key challenges in federated authentication network is the establishment of trust between an identity provider (IDP or OP) and relying party websites (RP). In the real world, contractual agreements provide a simple out-of-band mechanism to effectively bind... |
|
