Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Mobile & Social: The Tipping Point For Cybercrime
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
Monoranjang
50%
50%
Monoranjang,
User Rank: Apprentice
7/14/2014 | 1:06:30 AM
Re: What is Twitter doing?
Yes... I think we can develop some apps which can help to trap the criminals. The concept would be same, how an antivirus software can detect & trap malicius software. In this case we would not just trap the malicious software & propect our system but also take legal actions against the criminals.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
7/11/2014 | 9:41:03 AM
Re: What is Twitter doing?
Thanks for your comment @Monoranjang. Wondering if you have any specfic thoughts on what Twitter & FB should be doing to catch criminals and spread user awareness. 
Monoranjang
100%
0%
Monoranjang,
User Rank: Apprentice
7/11/2014 | 2:24:23 AM
Re: What is Twitter doing?
While we develop secured antiviral softwares & use in our devices, it is very important to

1. Pass an Internal Cybercrime Law againt the companies/organizations/individuals who is/are hosting hacking applications or plyaing any tricks to cheat users.

2. Big bosses of Twitter/Facebok must allocate a good bidget to catch the criminals & spread awareness among people through their social networking apps.

 
jd.sherry
50%
50%
jd.sherry,
User Rank: Author
5/21/2014 | 10:27:20 AM
Re: What is Twitter doing?
We all do love our apps don't we?  Having one or more apps in all of the major stores is important ,if not essential for businesses without question.  However many times the apps have much more web components underneath than you realize. Talking to back end web/app servers (think Heartbleed) and other pieces of infrastructure that piece together the overall experience for the user. Organizations need to ensure that their apps and websites have a tightly integrated security fabric to make sure the experience from a mobile app is enjoyable but equally secure.  I don't see a difference in security philosophy from either platform, web or mobile.  In fact, the two are intrinsically intertwined.
JamieJ716
100%
0%
JamieJ716,
User Rank: Apprentice
5/21/2014 | 4:33:53 AM
Re: What is Twitter doing?
All the social sites are doing well but now the smartphone mbile apps are going to be the Boss of all these.

 
jd.sherry
50%
50%
jd.sherry,
User Rank: Author
5/2/2014 | 10:32:59 AM
Re: Preaching to the choir? (Hope not)
Marilyn,

It is pretty consistent across all my talks which can have participants that range from CEO to clerical staff.  Even the security geeks are not immune to taking this unprotected approach unfortunately.  Mobile malware (particularly Android OS) is the shift from traditional Windows/PC based attacks.  More people are accessing senstiive sites and the internet in general from their mobile devices than PC's so that is where the attackers will focus and nefarious business models will flourish. Especially with so many of the users going without protection.
jd.sherry
50%
50%
jd.sherry,
User Rank: Author
5/1/2014 | 9:29:44 AM
Re: What is Twitter doing?
Excellent insight on the intelligence factor. Totally agree with you there.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
5/1/2014 | 9:29:23 AM
Preaching to the choir? (Hope not)
JD, I found it particularly disconcerting that in informal polling of the audience at your speaking engagements, so few (<25%) said they had a form of security software on their mobile device. Was there a difference in the response based on the composition of the audience? I'd be horrified if that was prevalent in your talks to security experts.

 
securityaffairs
50%
50%
securityaffairs,
User Rank: Ninja
5/1/2014 | 4:47:52 AM
Re: What is Twitter doing?
Social media are a privileged target of cyber criminals and state-sponsored hackers. Many illicit activities are exploiting social media platforms like phishing, spear phishing, watering hole and malware based attacks. Social media allow instantly to reach a wide audience. Don't forget also that they are also an excellent instrument for OSINT activity and also the ideal tools for PSYOps (see Arab spring) 
jd.sherry
50%
50%
jd.sherry,
User Rank: Author
5/1/2014 | 3:21:53 AM
Re: What is Twitter doing?
Blacklisting and account suspension is helping tremendously. I also think the continued education and adoption of two factor authentication is imperative.
Page 1 / 2   >   >>


How Attackers Could Use Azure Apps to Sneak into Microsoft 365
Kelly Sheridan, Staff Editor, Dark Reading,  3/24/2020
Malicious USB Drive Hides Behind Gift Card Lure
Dark Reading Staff 3/27/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-10940
PUBLISHED: 2020-03-27
Local Privilege Escalation can occur in PHOENIX CONTACT PORTICO SERVER through 3.0.7 when installed to run as a service.
CVE-2020-10939
PUBLISHED: 2020-03-27
Insecure, default path permissions in PHOENIX CONTACT PC WORX SRT through 1.14 allow for local privilege escalation.
CVE-2020-6095
PUBLISHED: 2020-03-27
An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2020-10817
PUBLISHED: 2020-03-27
The custom-searchable-data-entry-system (aka Custom Searchable Data Entry System) plugin through 1.7.1 for WordPress allows SQL Injection. NOTE: this product is discontinued.
CVE-2020-10952
PUBLISHED: 2020-03-27
GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images.