Tag Archive for: Tweets

Top tweets: QuickBuck ransomware simulator


Verdict lists five of the most popular tweets on cybersecurity in Q2 2022 based on data from GlobalData’s Technology Influencer Platform.

The top tweets are based on total engagements (likes and retweets) received on tweets from more than 808 cybersecurity experts tracked by GlobalData’s Technology Influencer platform during the second quarter (Q2) of 2022.

1. Florian Roth’s tweet on the QuickBuck ransomware simulator

Florian Roth, head of research at the software development company Nextron Systems, tweeted on the company publishing the ransomware simulator called QuickBuck. The goal of the repository is to offer a simple and harmless way to check antivirus (AV) protection on ransomware. The tool thereby conducts different actions to simulate activity observed by a ransomware on endpoints, the article detailed. The company plans to use it in demos to showcase Sigma matching with Aurora.

The tool simulates typical ransomware behaviours, such as staging from a Word document macro, encrypting documents, deleting volume shadow copies, and dropping ransomware note to the user’s desktop, the article further noted.

Username: Florian Roth

Twitter handle: @cyb3rops

Likes: 783

Retweets: 234

2. Brian Krebs’s tweet on the US DEA investigating an agency portal breach

Brian Krebs, an investigative correspondent, shared an article on the US Drug Enforcement Administration (DEA) stating that it is investigating reports on hackers gaining access to an agency portal that tapped into 16 distinct federal law enforcement databases. The intruder that they had logged into DEA with just a username and password, and no two-factor…

Source…

Ghostwriter update. Quds Day warning. Drivetime talk radio comes to the cyber battlespace? Secrecy as friction. Inadvertent tweets.


At a glance.

  • Update on Ghostwriter.
  • Jerusalem Day alert.
  • Zoom prankers and deepfake goofs.
  • Secrecy as friction.
  • Inadvertent tweets.

Ghostwriter, and signs of a broader campaign.

FireEye’s Mandiant unit this morning updated its research into Ghostwriter, an influence-operator that came to attention last year as it sought to affect public opinion in Latvia, Lithuania, and Poland. Its messaging then was anti-NATO. The campaigns of 2020 relied upon artlessly crude forgeries and implausible rumor-mongering, but of course disinformation doesn’t need to be art, as long as it can get the right amplification, which Ghostwriter worked to accomplish. 

It was easy for officials to quickly debunk such hogwash as the claim that Canadian soldiers were spreading COVID-19, or that an internal memo circulating in the Polish Ministry of Defense called for resistance against an American “army of occupation” (forged memo helpfully provided, hijacked social media accounts used to lend plausibility to a very implausible narrative). CyberScoop offered a useful account of these efforts at the end of last July. But of course lies can have a bit of a run if they’re provided with a headstart.

In any case, Ghostwriter has now expanded its thematic content to include disruption of domestic Polish politics and also (according to Tagesschau) credential theft attacks on German political figures. FireEye believes the threat actor it tracks as UNC1151 operates some portions of Ghostwriter. The firm characterizes UNC1151 as “a suspected state-sponsored cyber espionage actor that engages in credential harvesting and malware campaigns.”

Taggeschau calls the attackers “chaos troops,” which is apt enough for an operation that aims at disruption. At least seven members of Germany’s Bundestag have received phishing emails, as have some thirty members of the Länder assemblies, that is, the state-level legislatures. German authorities are taking activity seriously. The Bundesamt für Verfassungsschutz (the BfV, the Federal Office for the Protection of the Constitution) und the Bundesamt für die Sicherheit in der Informationstechnik (the BSI, the Federal Officer for Information Security) are investigating, and have…

Source…

After Trump tweets Defcon hacking video, voting security experts call BS


After Trump tweets Defcon hacking video, voting security experts call BS

Getty Images

As President Trump continues to make unfounded claims of widespread election fraud, 59 of the world’s foremost experts on electronic voting are hitting back, saying that recent allegations of actual voting machine hacking “have been unsubstantiated or are technically incoherent.”

Monday’s letter came after almost two weeks of baseless and unfounded claims from Trump and some of his supporters that this month’s presidential election had been “rigged” in favor of President-elect Joe Biden. On Thursday, Trump started a new round of disinformation when he took to Twitter to say that polling machines made by Dominion Voting deleted 2.7 million Trump votes around the country.

Vulnerabilities aren’t exploits

Over the weekend, Trump tweeted a video from last year’s Defcon hacker convention. It showed attendees participating in an event called the voting machine hacking village. Organizers of the event held it to raise awareness about the importance of security in electronic voting. Some of the event organizers were beside themselves that Trump was using the video as innuendo that voting machine hacking played a role in the results of this month’s election, or in any election ever, for that matter.

“Anyone asserting that a US election was ‘rigged’ is making an extraordinary claim, one that must be supported by persuasive and verifiable evidence,” the computer scientists wrote. “Merely citing the existence of technical flaws does not establish that an attack occurred, much less that it altered an election outcome. It is simply speculation.”

The letter continued:

The presence of security weaknesses in election infrastructure does not by itself tell us that any election has actually been compromised. Technical, physical, and procedural safeguards complicate the task of maliciously exploiting election systems, as does monitoring of likely adversaries by law enforcement and the intelligence community. Altering an election outcome involves more than simply the existence of a technical vulnerability.

We are aware of alarming assertions being made that the 2020 election was “rigged” by exploiting…

Source…

Twitter: Update Android App to Protect Your Tweets, Direct Messages – PCMag.com

  1. Twitter: Update Android App to Protect Your Tweets, Direct Messages  PCMag.com
  2. Twitter warns about Android app security issue that could have allowed account takeover  9to5Google
  3. Twitter Fixes Bug in Android App That Could Let Hackers Hijack User Accounts  Variety
  4. Twitter Advises Users to Update Android App, Fixes Serious Security Vulnerability  NDTV
  5. Vulnerability discovered in Twitter for Android, all should be well now – GSMArena.com news  GSMArena.com
  6. View full coverage on read more

“android security news” – read more