social media
How to take control of personal data
Cybercriminals increasingly use open-source intelligence (OSINT) to craft convincing backstories, often by mining social media profiles for details on a target’s …
Why we fall for fake news and how can we change that?
Have you ever been swept away by an enticing headline and didn’t bother to probe the news in-depth? You might have shared an eye-catching news story or engaged with a …
Spoutible API exposed encrypted password reset tokens, 2FA secrets of users
A publicly exposed API of social media platform Spoutible may have allowed threat actors to scrape information that can be used to hijack user accounts. The problem with the …
Lagging Mastodon admins urged to patch critical account takeover flaw (CVE-2024-23832)
Five days after Mastodon developers pushed out fixes for a remotely exploitable account takeover vulnerability (CVE-2024-23832), over 66% of Mastodon servers out there have …
The growing challenge of cyber risk in the age of synthetic media
As AI tools become more widespread, impersonation and deception have become easier. However, organizations are combating this issue with policies and technological solutions. …
Social engineer reveals effective tricks for real-world intrusions
In this Help Net Security interview, Jayson E. Street, Chief Adversarial Officer at Secure Yeti, discusses intriguing aspects of social engineering and unconventional methods …
Digital ops and ops management security predictions for 2024
CISOs don’t need a crystal ball – they already know that 2024 will be another tough year, especially with AI at everyone’s mind. Instead of playing catch-up regarding …
Exploring the impact of generative AI in the 2024 presidential election
2024 is a presidential election year in the US. 2016 and 2020 both saw impressive increases in attempts to influence voters through crafty propaganda and social media …
$2.7 billion lost to social media scams since 2021
Scams originating on social media have accounted for $2.7 billion in reported losses since 2021, more than any other contact method, according to the Federal Trade Commission. …
LLMs lower the barrier for entry into cybercrime
Cybercriminals employ evolving attack methodologies designed to breach traditional perimeter security, including secure email gateways, according to Egress. “Without a doubt …
MITRE ATT&CK project leader on why the framework remains vital for cybersecurity pros
MITRE ATT&CK, a common language for cybersecurity professionals to communicate with each other and better understand real-world adversary behaviors, celebrates its 10th …
How Ducktail capitalizes on compromised business, ad accounts
Quite some money can be made from selling compromised business and ad accounts on social media platforms, and the Ducktail threat actor has specialized in just that. “We …
Featured news
Resources
Don't miss
- F5 data breach: “Nation-state attackers” stole BIG-IP source code, vulnerability info
- Microsoft patches three zero-days actively exploited by attackers
- U.S. seizes $15 billion in Bitcoin linked to massive forced-labor crypto scam
- A safer way to break industrial systems (on purpose)
- Maltrail: Open-source malicious traffic detection system