Uber Hacked by 18 Year Old, Morgan Stanley Hard Drives Got Auctioned, Deleting Your Data is Hard

Uber Hacked by 18 Year Old, Morgan Stanley Hard Drives Got Auctioned, Deleting Your Data is Hard

Uber got hacked by an 18 year old using social engineering and a multi-factor authentication fatigue attack, Morgan Stanley has been auctioning off hard drives holding sensitive client data since 2015, and ...
LastPass Data Breach, ETHERLED: Air-Gapped Systems Attack, Twitter Whistleblower Complaint

LastPass Data Breach, ETHERLED: Air-Gapped Systems Attack, Twitter Whistleblower Complaint

Popular password manager LastPass announced that some of their source code was stolen, but that no customer passwords were compromised in a recent data breach disclosure, an Israeli researcher has discovered a ...
Social Media Misinformation

Social Media Countermeasures – Battling Long-Running Scams on YouTube, Facebook, Twitter and Instagram

For the past few years, I’ve been documenting, screenshotting, and sharing examples of criminal campaigns on the three big social media platforms: Facebook, YouTube and Twitter. I’m not that interested in speculating ...
How 1-Time Passcodes Became a Corporate Liability

How 1-Time Passcodes Became a Corporate Liability

Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world's largest technology companies and customer support firms. A recent ...
Twitter

Security Industry Rallies Behind Twitter Whistleblower

It probably isn’t a surprise to any skeptics of the security practices of social media platforms—or who specifically remember Twitter’s previous security mishaps, including the hack of high-profile blue-check accounts—that Twitter’s cybersecurity ...
Security Boulevard

Twitter Exposes Personal Information for 5.4 Million Accounts

Twitter accidentally exposed the personal information—including phone numbers and email addresses—for 5.4 million accounts. And someone was trying to sell this information. In January 2022, we received a report through our bug ...
Asigra Malware

GitHub Zero-Day: From 35K Repos Compromised to False Alarm

At 6:14 a.m. GMT on August 3, 2022, a Twitter thread from Stephen Lacy threw the security Twitter-sphere into a frenzy. An alleged zero-day (-like) vulnerability that exposed over 35,000 repositories was announced; ...
Security Boulevard
Twitter Data Breach, 15 Minutes to Exploit Zero-Day Vulnerabilities, Resilient Deepfake Traits

Twitter Data Breach, 15 Minutes to Exploit Zero-Day Vulnerabilities, Resilient Deepfake Traits

Twitter suffers a data breach of phone numbers and email addresses belonging to 5.4 million accounts, new research shows that attackers are finding and exploiting zero-day vulnerabilities in 15 minutes, and details ...
Customer Support Impersonation Scams on Twitter

Customer Support Impersonation Scams on Twitter

How scammers are using fake/lookalike brand customer support accounts on Twitter to hijack users' crypto wallets, bank accounts and user handles ...
Elon Musk Buys Twitter, Forgotten BIOS Updates, T-Shirt Outwits Facial Recognition

Elon Musk Buys Twitter, Forgotten BIOS Updates, T-Shirt Outwits Facial Recognition

Elon Musk buys Twitter for $44 billion so what does this mean for the privacy and cybersecurity of the platform? More than 100 different Lenovo laptop computers contain firmware-level vulnerabilities which is ...