Tag Archives: Twitter

Selling Your Mobile Data on eBay

March 24, 2011 Data Loss, General

A recent study has found that many people selling their phones on the auctioning site ebay are not deleting sensitive data first.

Such data left on phones often consists of banking details, photographs and emails, amongst other pieces of information.

Many of the security concerns regarding computers are now applicable to mobile phones as they become increasingly sophisticated as emphasised by Joe Nocera, an information security expert at PricewaterhouseCoopers.

Researchers at CPP bought an assortment of phones and used SIM cards. The results were clear. Two hundred and seven pieces of separate pieces of information were discovered on 19 of the 35 phones in addition to 27 of the 50 SIM cards.

Information included bank account details, credit card details and login details to social networking sites, including Facebook and Twitter.

These shocking reports claim that up to half of mobile users selling their phones on the site leave them teaming with sensitive data, potentially crippling in the wrong hands. Perhaps the most apparent branch of fraud would be identity fraud.

Four in five people claim to have wiped their phone before selling it. A further six in ten are confident that all sensitive data has at least been removed, according to the report. The fact that people are convinced they have actually removed the data is very worrying indeed. It perhaps points to how difficult removing personal information from such devices, can be.

Today people upgrade mobile phones frequently, and must make a conscious effort to be less careless when it comes to loading personal data onto them.

As Danny Harrison of CPP puts it �This report is a shocking wake-up call.�

Political hacking to define 2011, McAfee predicts

January 5, 2011 General

Security experts at McAfee have stated that the coming year will bring significant problems to those who are charged with protecting data and retaining the integrity of corporate systems, although this time there will be political motivations behind the actions of so-called hacktivists.

In the past cybercriminals have worked purely for financial gain, but since the Wikileaks scandal and the rise of the Anonymous hacktivist group, many public and private sector firms could face disruption which is not founded on traditional goals.

The publication of McAfee’s 2011 Threat Predictions paper brings home warnings about the potential risks facing businesses and organisations who strive for data protection, because attacks will not only come from organised crime groups, but also private citizens who want to leverage the internet to further their political cause.

The proliferation of social networking tools like Twitter is allowing disparate individuals to communicate and organise wider attacks, with big names like Amazon and PayPal both suffering as a result in the final weeks of 2010.

McAfee’s Greg Day spoke to V3.co.uk and explained that 2011 would inevitably see various private companies coming under public scrutiny as a result of their involvement with something like the Wikileaks scandal.

Mr Day is also keen to emphasise that cybercriminals will be very much active in 2011, with new tools of business being leveraged to their advantage. Location-based services which use GPS data generated from mobile devices are thought to be a particular risk, while the exploitation of URL shortening technology will continue to allow the spread of malware via Facebook and Twitter.

Mr Day said that both the criminals and hacktivists would use platforms which have risen in popularity over the past 12 months in order to stay ahead of the game in 2011 and as such security experts have to move with the times and act now in order to ensure protection.

Data loss and security weaknesses relating to social networking are seen as being related hot topics for 2011 and experts urge early preventative action rather than reparative reaction.

Gawker suffers massive data loss and Amazon rebukes DDoS claims

December 15, 2010 General

The world of online security has been tumultuous over the last two weeks after the release of diplomatic cables by Wikileaks. Now major sites are coming under attack by hackers, with significant data loss suffered by gossip site Gawker and online retail site Amazon denying that recent downtime was caused by a distributed denial of service (DDoS) attack.

It is known that Amazon was a target of the Anonymous group of pro-Wikileaks hackers, but downtime of the UK and other European iterations of its retail site on Sunday evening, has now been officially put down to a technical fault, rather than the actions of third party groups acting with malicious intent.

Gawker has been the biggest victim in recent days, with 1.3 million of its users having their passwords and login details exposed alongside more than half a million personal email addresses, as the result of a hack.

The Gawker data loss incident is not believed to have any relation to the Wikileaks debate, but it is a serious security breach, since many people use the same email address and password to log into multiple accounts and the exposure of users in this way could leave hundreds of thousands open to further exploitation on unrelated services.

Gawker told its users that they should change their password not only on its site but also on any other service which shared that password, as criminals might now be able to access other accounts linked to individuals.

It said that encryption was present but a brute force attack is likely to have breached its security and compromised one of its servers.

Gawker has expressed its embarrassment at the data breach and the subsequent leaking of millions of passwords.

Social networking site Twitter has become awash with spam from legitimate accounts, after the hackers made passwords available via file sharing services and cybercriminals quickly logged into accounts to spread their malicious links.

The actions of Anonymous and the Gawker hackers have reawakened serious questions about IT security in a corporate environment and shown how easily large entities can be brought to their knees by small groups of dedicated hackers.

Twitter tuition suggested to minimise risks to businesses

December 6, 2010 General

The expansion of microblogging site Twitter has meant that millions of people around the world use it, often at work. Like any online trend, malicious groups are attempting to exploit its popularity and security firm Symantec is warning that this could put businesses at risks as employees tweet from work and risk unintentional infection of IT systems from spammers and cybercriminals.

The way to best solve the problem is not to block Twitter but instead to instruct employees on how it can be used safely, according to Symantec.

The most common way to exploit Twitter users and get them to visit malicious sites is to piggyback on a trending topic, cut out the relevant shortened link and replace it with a similarly shortened link that,instead, sends those who click it to a site which could damage systems, breach security and steal data.

Symantec’s Candid Wueest, said that many Twitter users were unable to differentiate between safe links and those which could be potentially harmful. Wueest pointed out that even when ostensibly reputable websites were the subject of a link, it was possible for the criminals to have hijacked the address and therefore spread viruses and malware in relative secret.

Wueest said that one option to combat the threat from Twitter is to keep up to date security software on all work computers, although this is not the only remedy for the problem.

The operators of Twitter itself are also working to limit the impact of malicious links if not eradicate them completely, by allowing users the chance to expand shortened links before they visit them in order to check up on their veracity. The doubling up of URL shorteners might potentially bypass this technique, but Twitter is hoping to overcome any of these basic circumventions that criminals will attempt.

URL shortening has become prevalent in spam of all kinds, with around 18 per cent of malicious emails sent this year containing a shortened link, which is twice as many as in the previous year according to Symantec.

Global data usage figures predicted to soar in 2010

May 11, 2010 General

The latest statistics suggest another record year for global data output, with a total of 1.2 Zettabytes set to be produced over the course of 2010 by businesses and individuals around the world.

The Interactive Data Corp (IDC) has published this information in a report that asks whether firms are ready to face what it is calling the Digital Universe Decade.

A Zettabyte is the equivalent of a trillion gigabytes, or in current pop culture terms, the same volume of data that could be stored on about 75 billion Apple iPads with 16GB of capacity.

Between 2008 and 2009 the annual global data output grew by 62 per cent, according to IDC. This rate of growth shows no signs of slowing, and to give some perspective, the figures have also been translated into terms that will be comprehensible to social networking fans. 1.2 Zettabytes is equivalent to the volume of data that the entire global population would produce if everyone used Twitter non-stop for a century.

The boom in data storage requirements that will be seen as a result of increased data volumes is believed to mean that in ten years time there will be many more professionals working in the IT industry than there are today. However, this will be a relatively small increase compared to the capacity of the data storage solutions that will exist in a decade, with at least a 62 per cent increase predicted.

The most telling fact noted by IDC is that the global community is already producing 35 per cent more data than there is available storage. This discrepancy is only set to grow, with a 60 per cent overflow rate being predicted within the next few years.

Experts believe that this seemingly insurmountable growth in the data storage requirements of businesses will mean that switching to cloud-based solutions will be the only viable option to maintain effective operation.

IDC says that 80 per cent of the world’s data output is stored by businesses, despite the fact that the creation of 70 per cent of the total annual data can be attributed to individuals. It also says that firms that adopt social media tools for internal use will also bear a greater proportion of this growth as a result.

Mysterious Twitter user “home” has 35,000 followers and an invisible account

August 20, 2009 General

A mysterious Twitter user with the username “home” seems to be getting a rather raw deal. Whenever somebody tries to access Twitter.com/home they are redirected to the Twitter homepage – it seems that this particular account has been grandfathered and overwritten without the user knowing.

This would be fine if the account wasn’t active but strangely it is and has over 35,000 followers despite a measly two status updates. The account is also following neo and TomFulp although it’s hard to believe he can see their updates or even log in to post some more.

The screenshot above was taken from the Google cached version of the page which means that Twitter is displaying different content to Google than they are to real users. This isn’t as sinister as it sounds because they aren’t doing it by detecting the Googlebot user agent – it’s just because the search engines spider doesn’t accept cookies.

Interestingly a lot of users are Tweeting the phrase “@home” to mean they are “at home”. I doubt they are aware that @home is actually a real Twitter user.