One particular aspect of DEF CON that always gets some media coverage is the Social Engineering Capture the Flag (SECTF) contest, where participants use nothing more than a phone call to get victims at various Fortune 500 to give up bits of information. These are the sort of social engineering attacks that give security professionals at large enterprises nightmares.
These same professionals may be in charge of programs meant to train employees on how to avoid social engineering attacks, but many ...
In continuing our research on scams that offer free followers to Instagram users, we found out that similar services for other social networks are also available online.
Among those that we found is this particular Russian site that comes off as a one-stop-shop for those looking to purchase followers, likes, retweets, and other activities for social networks like Twitter, Google+, Facebook, and Instagram.
Figure 1. Scam site selling followers for different social networks
The required payment would depend on the number of followers, ...
We spotted yet another threat lurking around social media sites targeting users of either Google Chrome or Mozilla Firefox. This threat uses fake extensions for both browsers to infiltrate user systems and hijack social media accounts - specifically, Facebook, Google+, and Twitter accounts.
To install these fake extensions, users would see various lures on social media sites to try to get users to install a fake video player update. In reality, this player update is a malicious file detected as TROJ_FEBUSER.A, installs a ...
As more and more users entrust parts of their digital lives to the cloud, they're increasingly running into a problem: it doesn't always last forever. More specifically, cloud services that people have relied upon are just like any other business: they can close their doors.
Just in the past few weeks, here are some cloud services that have shut down or drastically changed their offerings:
Boxee (set-top box and online digital video recorder)
Google Reader (RSS reader)
MySpace (social network)
SnapJoy (photo library)
But some changes to these services ...
Social networking websites have actively been used in different malicious campaigns by cybercriminals in the past - most of which incorporate techniques such as phishing and spam. One of these campaigns are the Blackhole Exploit Kit (BHEK) spam campaign, which has been plaguing Internet users for quite a while. BHEK spam campaigns are known to use popular brand names and websites to lure users.
It's no surprise, then, that we are now seeing a BHEK spam campaign targeting social networking website ...