With April the Giraffe about to give birth in the Animal Adventure Park in Harpursville, New York, it is time to warn readers of how a giraffe can damage their device in ways that a cat or dog would only dream of: Licking it – A giraffe’s tongue is about 50 cm long and black. Equipped to […]
The Star Wars Twitter botnet, the return of Lavabit, a critical Cisco Webex flaw, and the St. Louis Library ransomware story are discussed.
Researchers from the University College London have found a Twitter botnet of 350,000 bots that has been dormant since shortly after the accounts were registered.
Facebook, Instagram, Twitter, VK, Google’s Picasa and Youtube were handing over user data access to a Chicago-based Startup — the developer of a social media monitoring tool — which then sold this data to law enforcement agencies for surveillance purposes, the ACLU disclosed Tuesday.
Government records obtained by the American Civil Liberties Union (ACLU) revealed that the big technology
A wise man once said: “You should never share anything on the internet unless you are ready for it to be seen by the whole world”. This is certainly something you should keep in mind especially if in fear of judgment… This is also something to be careful about if you are a business owner and you want to turn your dream of a company IPO into reality. Hey, you should even watch out for your posts if you are a recent graduate looking for your next employment opportunity.
Twitter made it easy for you to search their feeds and some tweets are now even indexed on Google. Your thoughts are now visible to the whole world and this is something you need to consider every time you make your thoughts public. We have seen so many stories of people whose lives have been turned around due to a single tweet. Today’s world is not what it used to be and individuals and businesses alike need to adapt and care for their reputation. It’s a common misconception that only a live tweet could damage your reputation, tweets from years ago may be just as harmful as the ones you send out on a Friday night.
Years ago when Twitter was on the rise, many people created profiles tweeting things they wouldn’t necessarily agree with today. You would be surprised of the things people would say when under the soft blanket of internet anonymity. However, today’s internet is not as anonymous as it used to be. The toddler Twitter, which was just making its first steps into the world about ten years ago, grew up big and strong enough to place everything you said within reach of whoever is interested in digging for it.
The importance of managing your digital prints
Panda Security suggests you may want to do some research into your Twitter feed yourself. Get your hands dirty, do some digging of your own. Twitter history can reveal a lot of things for your personality which you may not necessarily want to share with the whole world, i.e. your mother’s maiden name, DOB, PayPal email address as well as your physical one, or the primary school you went to. Staying on top of your digital prints has never been as important as it is now.
However it is not all gloom and doom, there is a way out! It’s not an easy task to search through thousands of tweets but luckily, Twitter has an option for you to request your personal archive. You can go to ‘Settings’ and hit the ‘Request your archive’ option. You will get an email containing a zip file that includes all of your tweets since the beginning of time… or well the beginning of Twitter. The email usually takes a few working days to receive but once you get it, you will have the opportunity to search through all of your Twitter history in an easy way, mimicking the real interface of Twitter.
If you don’t want to wait for a few days just go to your Advanced Search option and search through your tweets. In the ‘From These Accounts’ field, enter your username, and in the ‘Words’ fields the key-words you are trying to find. Once you get the result you were looking for, you can delete the unwanted content. Easy peasy lemon squeezy!
Guess What? Someone just downloaded Twitter’s Vine complete source code.
Vine is a short-form video sharing service where people can share 6-second-long looping video clips. Twitter acquired the service in October 2012.
Indian Bug bounty hunter Avinash discovered a loophole in Vine that allowed him to download a Docker image containing complete source code of Vine without any hassle.
Twitter has forced a password reset on an unnamed number of accounts exposed this week in a dump of 32.8 million account names and credentials.
LeakedSource says it has a set of 32 million Twitter account details, including plaintext passwords that were put up for sale on a black market website.
Mark Zuckerberg’s social media accounts on Pinterest and Twitter were hacked by an organization who call themselves OurMine. The hackers cheekily sent Mr. Zuckerberg a message from his account.
Mark Zuckerberg’s social media accounts on Pinterest and Twitter were hacked by an organization calling itself OurMine. The hackers cheekily sent Mr. Zuckerberg a message from his account, saying, “We are just testing your security”.
The hackers reportedly gained access through account details exposed by the LinkedIn data breach in 2012 when over 100 million accounts were compromised.
Two questions immediately spring to mind. Firstly – why hasn’t he activated stronger login protocol using 2 factor authentication through his mobile phone? And secondly – has Mr. Zuckerberg not changed his password since then?
In 2011, Facebook itself introduced ‘Login Approvals’, so that when you login in from an unknown device, it authenticates you through a text message sent to your mobile phone. The blog post on Facebook’s page that announces the feature states:
“As more individuals and businesses turn to Facebook to share and connect with others, people are looking to take more control over protecting their account from unauthorized access”
You would assume that Mr. Zuckerberg would understand the risks associated with his own social media accounts, having developed a solution for users of his own social media site.
We can all understand that we sometimes use the same password on several sites; we are all guilty of that. But to not have changed the password on those sites after such a big data breach, such as LinkedIn’s, could be described as naïve – maybe irresponsible.
Let’s not judge too quickly, though, because we have to remember that most celebrities and billionaires don’t Tweet and post content themselves (I do all my own!). It’s normal to have teams of marketing and public relations people controlling their online presence and identity as part of their overall brand. These teams likely have access to the same account, maybe using the same login credentials year after year. Securing an account that has shared access requires using Tweetdeck and then every user needs to setup their options authentication. Then each user signs in in with their own twitter account and has access to the shared account, they can manage their own settings and while they can setup 2 factor authentication they also might not and therefore your shared account is as strong as the weakest settings of the shared account users.
There are solutions out there that allow shared access, and Tweetdeck, for example, offers this for Twitter, but it was not released until 2015. The Twitter account of Mr. Zuckerberg has not shown a Tweet since 2012, until it was recently hacked. An account that is not used to post content is probably not thought to be a risk, which of course is wrong. And the account may not even be used to consume content.
The moral of the story is that we should:
- Enable 2 factor authentication, using either the option to validate using a mobile device every time you login or at least to authenticate when a new device is trying to access your account.
- When there is a data breach that may involve your data, do not sit back and think it will not happen to you, change passwords. If you are using the same password on several accounts, change it on them as well and make them all unique.
- Delete or suspend inactive accounts that you no longer use; if suspending them, turn on 2 factor authentication so that only you can re-activate them at a later date.
Personally, I use the option to authenticate through my mobile phone. While this causes some inconvenience when logging in, it does provide me with the confidence that I have the best option to be secure turned on.
Mr. Zuckerberg got lucky this time around as the hackers just wanted the kudos of hacking his account. I can only imagine the chaos this caused his marketing and PR people, running around in panicked circles, vowing to never let this happen ever again.