Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Mobile & Social: The Tipping Point For Cybercrime
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
Monoranjang
50%
50%
Monoranjang,
User Rank: Apprentice
7/14/2014 | 1:06:30 AM
Re: What is Twitter doing?
Yes... I think we can develop some apps which can help to trap the criminals. The concept would be same, how an antivirus software can detect & trap malicius software. In this case we would not just trap the malicious software & propect our system but also take legal actions against the criminals.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
7/11/2014 | 9:41:03 AM
Re: What is Twitter doing?
Thanks for your comment @Monoranjang. Wondering if you have any specfic thoughts on what Twitter & FB should be doing to catch criminals and spread user awareness. 
Monoranjang
100%
0%
Monoranjang,
User Rank: Apprentice
7/11/2014 | 2:24:23 AM
Re: What is Twitter doing?
While we develop secured antiviral softwares & use in our devices, it is very important to

1. Pass an Internal Cybercrime Law againt the companies/organizations/individuals who is/are hosting hacking applications or plyaing any tricks to cheat users.

2. Big bosses of Twitter/Facebok must allocate a good bidget to catch the criminals & spread awareness among people through their social networking apps.

 
jd.sherry
50%
50%
jd.sherry,
User Rank: Author
5/21/2014 | 10:27:20 AM
Re: What is Twitter doing?
We all do love our apps don't we?  Having one or more apps in all of the major stores is important ,if not essential for businesses without question.  However many times the apps have much more web components underneath than you realize. Talking to back end web/app servers (think Heartbleed) and other pieces of infrastructure that piece together the overall experience for the user. Organizations need to ensure that their apps and websites have a tightly integrated security fabric to make sure the experience from a mobile app is enjoyable but equally secure.  I don't see a difference in security philosophy from either platform, web or mobile.  In fact, the two are intrinsically intertwined.
JamieJ716
100%
0%
JamieJ716,
User Rank: Apprentice
5/21/2014 | 4:33:53 AM
Re: What is Twitter doing?
All the social sites are doing well but now the smartphone mbile apps are going to be the Boss of all these.

 
jd.sherry
50%
50%
jd.sherry,
User Rank: Author
5/2/2014 | 10:32:59 AM
Re: Preaching to the choir? (Hope not)
Marilyn,

It is pretty consistent across all my talks which can have participants that range from CEO to clerical staff.  Even the security geeks are not immune to taking this unprotected approach unfortunately.  Mobile malware (particularly Android OS) is the shift from traditional Windows/PC based attacks.  More people are accessing senstiive sites and the internet in general from their mobile devices than PC's so that is where the attackers will focus and nefarious business models will flourish. Especially with so many of the users going without protection.
jd.sherry
50%
50%
jd.sherry,
User Rank: Author
5/1/2014 | 9:29:44 AM
Re: What is Twitter doing?
Excellent insight on the intelligence factor. Totally agree with you there.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
5/1/2014 | 9:29:23 AM
Preaching to the choir? (Hope not)
JD, I found it particularly disconcerting that in informal polling of the audience at your speaking engagements, so few (<25%) said they had a form of security software on their mobile device. Was there a difference in the response based on the composition of the audience? I'd be horrified if that was prevalent in your talks to security experts.

 
securityaffairs
50%
50%
securityaffairs,
User Rank: Ninja
5/1/2014 | 4:47:52 AM
Re: What is Twitter doing?
Social media are a privileged target of cyber criminals and state-sponsored hackers. Many illicit activities are exploiting social media platforms like phishing, spear phishing, watering hole and malware based attacks. Social media allow instantly to reach a wide audience. Don't forget also that they are also an excellent instrument for OSINT activity and also the ideal tools for PSYOps (see Arab spring) 
jd.sherry
50%
50%
jd.sherry,
User Rank: Author
5/1/2014 | 3:21:53 AM
Re: What is Twitter doing?
Blacklisting and account suspension is helping tremendously. I also think the continued education and adoption of two factor authentication is imperative.
Page 1 / 2   >   >>


Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-8015
PUBLISHED: 2020-04-02
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1.
CVE-2020-1927
PUBLISHED: 2020-04-02
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.
CVE-2020-8144
PUBLISHED: 2020-04-01
The UniFi Video Server v3.9.3 and prior (for Windows 7/8/10 x64) web interface Firmware Update functionality, under certain circumstances, does not validate firmware download destinations to ensure they are within the intended destination directory tree. It accepts a request with a URL to firmware u...
CVE-2020-8145
PUBLISHED: 2020-04-01
The UniFi Video Server (Windows) web interface configuration restore functionality at the &acirc;&euro;&oelig;backup&acirc;&euro;&#65533; and &acirc;&euro;&oelig;wizard&acirc;&euro;&#65533; endpoints does not implement sufficient privilege checks. Low privileged users, belonging to the PUBLIC_GROUP ...
CVE-2020-8146
PUBLISHED: 2020-04-01
In UniFi Video v3.10.1 (for Windows 7/8/10 x64) there is a Local Privileges Escalation to SYSTEM from arbitrary file deletion and DLL hijack vulnerabilities. The issue was fixed by adjusting the .tsExport folder when the controller is running on Windows and adjusting the SafeDllSearchMode in the win...