DTX Manchester DTX Manchester
  • About Us
Sunday, 28 February, 2021
IT Security Guru
CTX Manchester 2020 banner ad
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Twitter DM protection bypassed with new attack vector

by The Gurus
January 23, 2014
in Editor's News
Share on FacebookShare on Twitter

A new Twitter spam campaign has been detected, which gets around safety blocks within the direct messaging (DM) functionality.
 
According to Malwarebytes researcher Christopher Boyd, the tactic sees attackers compromise legitimate accounts and send links to Tweets posted by spam profiles / other compromised accounts, rather than send a direct URL.
 
“They are compromising legitimate accounts then sending links to Tweets posted by spam profiles/other compromised accounts. The linked Tweet will then send the end-user to the desired spam page,” Boyd said.
 
He claimed that users are sent to pages, and in one case it was a diet tips page, and it was possible that there are other URLs being used in this particular campaign.
 
He recommended implementing two-factor authentication, considering the length and strength of your password and adding two-step security to the email address tied to your Twitter account, too.
 
He said: “Yes, you should be two-stepping all over your email account too. You’re trying to make yourself as hard a target as possible with endless, hoop-jumping layers of security for the would-be thief to throw up their hands and go “eh whatever, next target please.”
 
Commenting, Carl Leonard, senior manager of Websense Security Labs told IT Security Guru this is a case of attackers trying to get around the controls put in place and get past the obstacles that present a barrier.
 
“The blocking of URLs in Twitter DMs was implemented in October 2013 as a result of a chief executive receiving a DM with a malicious URL in it,” he said. “We are still seeing scams on Twitter which are after credentials, while we see typosquats that collect details. With any social network we see scams and malicious efforts across the board, as attackers are constantly trying to get past the barriers.”

0 0 vote
Article Rating
FacebookTweetLinkedIn
Tags: attackSocial Networking
ShareTweetShare
Previous Post

Version of Target Malware Linked to Young Russian

Next Post

Snowden Calls For Termination of Unwarranted Surveillance

Subscribe
Notify of
guest
guest
0 Comments
Inline Feedbacks
View all comments

Recent News

Npower shuts down app after hackers steal customer bank info  

February 26, 2021
Partnership announcement: Edgescan partners with BSI to deliver safe and secure client solutions

Edgescan partners with BSI to deliver safe and secure client solutions

February 26, 2021
Microsoft building

Microsoft failed to fix known problems that could have prevented SolarWinds hack

February 26, 2021
Microscope

Dutch Research Council experience ransomware attack

February 26, 2021

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

More information
wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply
Privacy Settings / PENDINGGDPR Compliance

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Accept