From The Blog
-
NetSPI’s Offensive Security Offering Leverages Subject Matter Experts to Enhance Pen Testing
Written by Sean KalinichBlack Hat 2023 Las Vegas. The term offensive security has always been an interesting one for me. On the surface is brings to mind reaching…Written on Tuesday, 12 September 2023 17:05 in Security Talk Read 747 times Read more...
-
Black Kite Looks to Offer a Better View of Risk in a Rapidly Changing Threat Landscape
Written by Sean KalinichBlack Hat 2023 – Las Vegas. Risk is an interesting subject and has many different meanings to many different people. For the most part Risk…Written on Tuesday, 12 September 2023 14:56 in Security Talk Read 381 times Read more...
-
Microsoft Finally Reveals how they Believe a Consumer Signing Key was Stollen
Written by Sean KalinichIn May of 2023 a few sensitive accounts reported to Microsoft that their environments appeared to be compromised. Due to the nature of these accounts,…Written on Thursday, 07 September 2023 14:40 in Security Talk Read 739 times Read more...
-
Mandiant Releases a Detailed Look at the Campaign Targeting Barracuda Email Security Gateways, I Take a Look at What this all Might Mean
Written by Sean KalinichThe recent attack that leveraged a 0-Day vulnerability to compromise a number of Barracuda Email Security Gateway appliances (physical and virtual, but not cloud) was…Written on Wednesday, 30 August 2023 16:09 in Security Talk Read 556 times Read more...
-
Threat Groups Return to Targeting Developers in Recent Software Supply Chain Attacks
Written by Sean KalinichThere is a topic of conversation that really needs to be talked about in the open. It is the danger of developer systems (personal and…Written on Wednesday, 30 August 2023 13:29 in Security Talk Read 682 times Read more...
-
Leaked Data from Duolingo incident Shows US is most Impacted
Written by Sean KalinichDuolingo, is a language learning site (not to be confused with an LLM) and has a very large base of users. The site is a…Written on Tuesday, 29 August 2023 19:12 in Security Talk Read 1099 times Read more...
-
We talk about the Ransomware Threat Landscape with SecureWorks at Black Hat 2023
Written by Sean KalinichBlack Hat 2023 – Las Vegas, NV – One of my personal focuses is understanding the “Why” behind changes in the threat landscape. In simple…Written on Tuesday, 29 August 2023 18:26 in Security Talk Read 611 times Read more...
-
Now Patched Flaw Leverages Abandoned Reply URL found in Entra ID allows for Privilege Escalation
Written by Sean KalinichMicrosoft has not been having the greatest of months. First it was identified that a stollen MSA signing key was used by a Nation State…Written on Monday, 28 August 2023 15:39 in Security Talk Read 1323 times Read more...
-
Qrypt Looking to Attack the Inefficiencies in Quantum Encryption to make Quantum Secure Communication a Reality Today
Written by Sean KalinichBlack Hat 2023, Las Vegas – At Black Hat one of my favorite things to do is see what the latest buzzword(s)/phrases are. One of…Written on Monday, 28 August 2023 12:53 in Security Talk Read 824 times Read more...
Recent Comments
- Sean, this is a fantastic review of a beautiful game. I do agree with you… Written by Jacob 2023-05-19 14:17:50 Jedi Survivor – The Quick, Dirty, and Limited Spoilers Review
- Great post. Very interesting read but is the reality we are currently facing. Written by JP 2023-05-03 02:33:53 The Dangers of AI; I Think I Have Seen this Movie Before
- I was wondering if you have tested the microphone audio frequency for the Asus HS-1000W? Written by Maciej 2020-12-18 14:09:33 Asus HS-1000W wireless headset impresses us in the lab
- Thanks for review. I appreciate hearing from a real pro as opposed to the blogger… Written by Keith 2019-06-18 04:22:36 The Red Hydrogen One, Possibly One of the Most “misunderstood” Phones Out
- Have yet to see the real impact but in the consumer segment, ryzen series are… Written by sushant 2018-12-23 10:12:12 AMD’s 11-year journey to relevance gets an epic finish.
Most Read
- Microsoft Fail - Start Button Back in Windows 8.1 But No Start Menu Written on Thursday, 30 May 2013 15:33 in News Be the first to comment! Read 115447 times Read more...
- We take a look at the NETGEAR ProSafe WNDAP360 Dual-Band Wireless Access Point Written on Saturday, 07 April 2012 00:17 in Pro Storage and Networking Be the first to comment! Read 85265 times Read more...
- Synology DS1512+ Five-Bay NAS Performance Review Written on Tuesday, 12 June 2012 20:31 in Pro Storage and Networking Be the first to comment! Read 79586 times Read more...
- Gigabyte G1.Sniper M3 Design And Feature Review Written on Sunday, 19 August 2012 22:35 in Enthusiast Motherboards Be the first to comment! Read 78548 times Read more...
- The Asus P8Z77-M Pro Brings Exceptional Performance and Value to the Lab Written on Monday, 23 April 2012 13:02 in Consumer Motherboards Be the first to comment! Read 68403 times Read more...
Displaying items by tag: Twitter
Let’s Talk a Minute About Meta’s Threads and the Data it Wants
Yesterday (July 5, 2023) Social Networking Giant, Meta launched their competitor to Twitter. This new app is a companion app to Instagram called threads. Ironically, Twitter had a lot of buzz about the new app including from people that routinely talk about how terrible Twitter is under Elon Musk. These Twitter detractors have been posting count down timers, information on how to ensure you can be on threads as soon as it launches and more. It is interesting, if not a bit funny, to see the dialog there. However, there is a very dark cloud (heavy black and pendulous) over the green pastures of Meta’s Threads. This is the very serious concern about Privacy and Security.
Twitter Backtracks on Removing Embedded Tweets from 3rd Party Websites after Deletion for Now
Twitter is an interesting company. On the one hand they act like they are a bastion of free speech and have stood up for the anonymity of some of the users. They have, in the past refused government interference in how their users post information and respond to tweets on their service. They claim to be against bullying and hate. At the same time, they have suspended accounts, removed tweets and permanently banned people for some very arbitrary reasons. They have stood their ground over this even when proven wrong about the original action. They have also left up tweets calling for violence by some while removing others, very confusing.
Twitter Moving to Allow Manipulation of Embedded Tweets on 3rd Party Websites
Twitter has been in the new a lot over the last few years. From deleting accounts of people and groups for very flimsy reasons to censoring posts that contain factual, but non-popular information. It seems that they just cannot help themselves when it comes to abusing community standards. The practice has even accelerated after Jack Dorsey left the company as CEO. The seemingly one-sided application of community standards has led to much criticism of the platform. The level of disappointment even led to Elon Musk buying 9.2% of the company and gaining a seat on the board of directors (not that this will accomplish much).
NASCAR's Fan and Media Engagement Center Makes 'Creepy' Data Collection a Good Thing
Data collection, monitoring, storage, and mining are simply part of our online lives. If you connect to a site, it is going to collect some information about you. If nothing else it will collect the session information (IP address, time on site, pages read etc.), but will not use that for anything more than understanding traffic. Other sites will collect and maintain more information than that and in extreme cases you will get much more collected than that. However, no one seems to know what use this data is being put to and if there is any benefit to the collection at all.
Independent Dev's Twitter Rant gets Game Booted out of Steam
Social Media can be a great thing if used properly. However, lately people tend to use it for… well let’s call it ranting. I cannot count the number of rants and tantrums I have seen on Twitter, Facebook and even Google+. It seems that some people feel that social media sites are their own personal forums to share every thought they have no matter how positive or negative it is. When you point this out to the ranters, you are likely to be told that it is their page and you do not have to read it. Well… that is the problem, you never really know just who might be reading your rant and what they might do about it.
Twitter's Tweetdeck Hacked Right After Getting Award for Security...
Twitter has a keen sense of the word irony now. Almost immediately after grabbing the highest score by the Online Trust Alliance for security and privacy they managed to get hit with a very bad XSS (Cross Site Scripting) bug that impacted their TweetDeck side of the house. To make matters worse the XSS flaw was not some 0-day exploit that hackers used, it was a fairly old one that allowed the hackers to fill the feeds of TweetDeck users with malicious scripts.
Twitter giving up on encrypted messages
Although most things related to the Twitter are public, the company has enabled its users to exchange direct messages that concern only them and whose content is not visible to others.
Twitter getting “old”
After Twitter released its annual financial results for the 2013. from which we could observe a slower increase in the number of users, discussion began on possible reasons for this negative trend . In the latest study, the research house eMarketer presented the growth projections of the number of users of the social network for the next five years. They predict that the negative trend will continue, so in 2014 the number of active users will increase by only 11.6%, and by the 2018 this will decrease even further to 6.4%.
Decline in numbers of new Twitter users
In accordance with earlier forecasts, Twitter ended last business year with a loss of 645 million US dollars, despite revenue growth of 110%. Total annual income of 665 million was not nearly enough to cover the huge costs of the accumulated investment of the company in the sales force, research and marketing.
Twitter cooperates with Stripe to create super simple payment service
Twitter is currently working with a start-up company Stripe which is dealing with digital payment for goods and services, and are very close to it to enable users to purchase directly through their social networks. People familiar with the collaboration say that credit card payments in the future could be confirmed very easily, with tweeting. With the same move, Twitter could enable companies to offer products and services, and in that way open another channel for generating revenue.