Anatomy of a free Starbucks gift card scam

With virus and spam outbreaks, analysts need to keep their nerve to analyze the situation and proceed to deal with the new threat. So, I wasn’t expecting to be surprised by my friends’ actions on Facebook this past weekend. It started innocently enough, as a post about getting a Free $25 Starbucks gift card for joining a particular group. The first person to join the group from my friends list happens to work for a non-profit organization helping young people. So, I expected the young people on his “friends list” to join this group shortly. ...

February 4, 2010 · 3 min · 517 words · Omid Farhang

Loose Tweets Sink Fleets

Information leakage is a real problem. It’s especially bad for high-security organizations, like military agencies. And it’s now harder than ever, thanks to services such as Flickr, Photobucket, Facebook, Twitter and Myspace. So, we worked together with Lewis Communications to submit a Freedom Of Information Act request to the Ministry of Defence in the UK, asking if they’ve had problems with this. ...

January 27, 2010 · 1 min · 151 words · Omid Farhang

Local Trends comes to Twitter

The most popular microblogging network, Twitter, has now added local trends support. This new feature allows users to track trending topics on Twitter related to their region. Currently, though, only a small number of countries and cities have been added. In Twitter’s words: Local Trends will allow you to learn more about the nuances in our world and discover even more relevant topics that might matter to you. We’ll be improving this feature over time to provide more locations, languages, and data through our API. ...

January 27, 2010 · 1 min · 93 words · Omid Farhang

Twitter banned passwords

As you may have heard in the last few days, Twitter has banned 370 passwords (actually only 369, ‘password’ appears twice in the list) as ‘too obvious’ to be safe for their users. A good move in theory but why are so few words banned? And what are they? The list is available in various places online, or even just by viewing the source of the Twitter sign up page. Sadly the sports fans in this Sophos office may be out of luck with both ‘boston’ and ‘redsox’ making the banned list. ...

December 29, 2009 · 2 min · 311 words · Omid Farhang

Facebook and Twitter Security – And How to Stay Safe!

Hopefully, the holiday season has found you spending a good amount of time offline: enjoying moments spent with friends and family, keeping long-standing traditions or creating new ones to follow for seasons to come, or just relaxing due to some downtime from work or school. It wouldn’t come as much of a surprise, though, if you’ve still found yourself spending a fair share of your time during the holidays online: checking status updates and posting new pictures on Facebook, or sending and checking tweets on Twitter. And, why not? These networking sites are an easy way to connect and share with the people we care about. ...

December 29, 2009 · 2 min · 312 words · Omid Farhang

All about Brittany on Twitter

It’s the usual situation, with the bad guys exploiting the death of a famous person, just like they did with Michael Jackson. Yesterday we identified some Twitter accounts that are being used both to send “make money on the Internet” spam, and also to spread links to malware. In both cases, they used Brittany Murphy’s name. Here’s a couple of examples: The actual text of messages of this type can vary. What characterizes them is that the first link is genuine, i.e. it leads to a site which really does talk about the topic tweeted. The second link though, leads to standard spam advertising sites which tell you how to earn money on the Internet, offer various goods, etc. The second type of tweet we’re seeing is undeniably malicious. These tweets, like the first type, use Brittany Murphy’s name, but have a shortened bit.ly URL leading to malware: ...

December 23, 2009 · 2 min · 402 words · Omid Farhang

Twitter Defaced by Iranian Hacktivists

Twitter, one of the Internet’s most popular social networking sites, has been hacked and defaced by a group claiming to be an “Iranian Cyber Army” as of 10:15PM PST today. At this point no statement has been made by Twitter, so it’s unclear as to what vulnerability was used to exploit the site. Oftentimes hacktivism campaigns are fueled by ego-driven script kiddies who use publicly available exploits, but for now we’ll have to wait and see if Twitter decides to publicly announce the details surrounding the attack. The defacement has been removed and Twitter is back up and running as of 11:20 PM PST. ...

December 18, 2009 · 1 min · 207 words · Omid Farhang

“Everyone” may not be your friend

There were two news stories recently that seemed to coincide. In the first, Cisco issued an annual security report which said the two current targets of the Internet criminal underground are banks and social networks. Banks because, well, we all know what they keep there. Social networks are targets because that’s where weakly protected password databases are kept and the passwords they contain probably are used on a lot of other sites as well. ...

December 10, 2009 · 2 min · 311 words · Omid Farhang