Now BlueSky hit with crypto scams as it crosses 20 million users

November 21, 2024 at 05:32AM As BlueSky surpasses 20 million users, cryptocurrency scams are emerging, similar to those on X/Twitter. Threat actors are using misleading posts with AI-generated images and impersonating Meta branding. BlueSky’s decentralized nature complicates moderation, leading to a surge in reports of spam and scams, highlighting significant operational challenges. **Meeting Takeaways: BlueSky … Read more

Social Media Accounts: The Weak Link in Organizational SaaS Security

October 9, 2024 at 07:39AM Organizations often neglect social media account security, risking reputational damage and financial losses. With multiple access layers and stakeholders, proper governance is critical. Utilizing SaaS Security Posture Management (SSPM) tools can enhance oversight, mitigate risks, and ensure only authorized users engage on behalf of the brand. ### Meeting Takeaways – … Read more

Russia tells citizens to switch off home surveillance because the Ukrainians are coming

August 21, 2024 at 11:12AM Russia’s Ministry of Internal Affairs issued warnings to residents of under-siege regions, advising them to turn off home surveillance systems and avoid using dating apps to prevent Ukraine from gathering intelligence. The warnings were part of a memo aimed at protecting high-value Russian individuals and military personnel from Ukrainian interest. … Read more

TikTok confirms CNN, other high-profile accounts hijacked via zero-day vulnerability

June 5, 2024 at 05:51PM Cyber attackers exploited a zero-day vulnerability in TikTok to compromise high-profile accounts, including CNN’s. The app maker has confirmed the cyberattack and is working to secure accounts. The attack involved a specially crafted direct message, bypassing the need for the target to open a link. TikTok has faced previous security … Read more

Celebrity TikTok Accounts Compromised Using Zero-Click Attack via DMs

June 5, 2024 at 03:09AM TikTok acknowledged a zero-click account takeover campaign by threat actors, impacting high-profile accounts on the platform. The company has taken preventive measures and is working with affected users. Previous security issues were also highlighted, including a flaw enabling data extraction and a one-click exploit. Concerns about TikTok’s Chinese roots further … Read more

TikTok fixes zero-day bug used to hijack high-profile accounts

June 4, 2024 at 05:59PM Multiple high-profile TikTok accounts were hijacked by attackers exploiting a zero-day vulnerability in the platform’s direct messages feature. Victims included Sony, CNN, and Paris Hilton. The exploit required targets to open a malicious message, without needing to download a payload or click on embedded links. TikTok is working to restore … Read more

Vietnamese Cybercrime Group CoralRaider Nets Financial Data

April 9, 2024 at 12:02AM A new cybercrime group, CoralRaider, linked to Vietnam, targets individuals and organizations in Asia to steal social media account information and user data. The group relies on social engineering and legitimate services for data exfiltration but has made mistakes. CoralRaider prioritizes financial gain and does not appear to be working … Read more

Vietnam-Based Hackers Steal Financial Data Across Asia with Malware

April 4, 2024 at 12:15PM A suspected Vietnamese threat actor named CoralRaider targets victims in Asian and Southeast Asian countries with malware to steal valuable data. They use RotBot, Quasar RAT, and XClient stealer to steal credentials, financial data, and social media accounts primarily for monetization. The group also uses malvertising campaigns on Facebook to … Read more

US Aid Office in Colombia Reports Its Facebook Page Was Hacked

January 29, 2024 at 09:28AM The U.S. Agency for International Development’s Colombia office reported a Facebook page hack, cautioning the public to disregard any content from the account. Unauthorized access was detected, posing a potential risk not further specified. The agency is actively securing the account and investigating the breach’s extent, prompting a plea for … Read more

Mandiant’s X (Twitter) Account Hacked to Promote Crypto Scam

January 4, 2024 at 12:22PM Google’s cybersecurity firm Mandiant regained control of its Twitter account after falling victim to a cryptocurrency scam hack. This incident came amidst growing concerns over security on the platform, echoing past high-profile account takeovers. The security of high-profile accounts on Twitter remains an ongoing concern as the platform is targeted … Read more