Informationweek Influencer
Kimberly (@StopMalvertisin)
- Twitter Bio: Stop Malvertising investigates and reports on current Malware Trends and the distribution of malware exploits through major online advertising networks.
- Website: http://stopmalvertising.com
Kimberly's Selections From the Web
Twitter users with SMS enabled are vulnerable to an attack that allows anyone to post to their account. The attacker only needs knowledge of the mobile number associated with a target’s Twitter account. Messages can then be sent to Twitter with the source number spoofed. Like email, the originating address of an SMS cannot be trusted. Many SMS gateways allow the originating address of a message to be set to an arbitrary identifier, including someone else’s number. Facebook and Venmo were also vulnerable to the same spoofing attack, but the issues were resolved after disclosing to their
Summary: Defense analyst John Arquilla believes the U.S. should stop prosecuting elite hackers and instead hire them to wage an online war against terrorists as well as other American enemies. He argues that if the U.S. played its cards right with hackers, the war on terror would have been long over.
Earlier this year, a Federal Bureau of Investigation (FBI) executive
Hackers dumped another huge cache of stolen passwords, this time exposing what they said are as many as 35,000 plaintext passcodes from the website of clothing maker Billabong International.
A post on CodePaste.net claimed 20,000 to 35,000 user names and corresponding passwords were retrieved in the hack of billabong.com. But the post included only 1,435 plaintext user credentials and didn't explain the discrepancy. Australia-based Billabong provides the accounts to customers to make frequent online purchasing easier. The post also included what it claimed were user names and hashed passwords
After clicking on "Visit Google Drive on the web", users are automatically logged into their Google account without having to enter a password. The Windows and Mac OS X desktop clients for Google's Drive file storage and synchronisation service open a backdoor to users' Google accounts which could allow the curious to access a Drive user's email, contacts and calendar entries. The sync tool includes a "Visit Google Drive on the web" link which opens Drive's web interface in the default browser and automatically logs the user in. Somewhat problematic is the fact that this session can then be used to switch to
Summary: Many Twitter users are being warned to change their password after an unknown bug or hack has left some accounts with deleted tweets or scam-links posted to their feeds. Is it a bird? Is it a plane? No, it's a password reset message from Twitter, and you should probably do what it says. An unknown number of Twitter users have received a genuine email from the company warning they should change their password as soon as possible. In the email, the micro-blogging company noted: "Twitter believes that your account may have been compromised by a website or service not associated with Twitter. We've reset your password to prevent others
Yesterday
An investigation by the U.S. Federal Trade Commission (FTC) has suggested that the social networking site fell short in reviewing and verifying applications, and therefore "deceived" developers over security ratings.
When developers passed along an application into the now-closed verified apps scheme, it is reported that the social networking site was paid up to $95,000 in order to give software green 'ticks' of approval. By doing so, individual applications were given a "test for trustworthy user experiences" by Facebook.
However, an in-depth investigation into Facebook's practices, conducted by Commissioners Jon Leibowitz,