About these ads


Posts Tagged ‘LinkedIn’

16-30 June 2013 Cyber Attacks Timeline

It’s time for the second part of the June 2013 Cyber Attacks Timeline (first part here).

The last two weeks of June have been characterized by an unusual cyber activity in the Korean Peninsula. In a dramatic escalation of events (coinciding with the 63rd anniversary of the start of the Korean War), both countries have attracted the unwelcome attentions of hacktivists and (alleged) state-sponsored groups, being targeted by a massive wave of Cyber attacks, with the South suffering the worst consequences (a huge amount of records subtracted by the attackers).

On the hacktivism front, the most remarkable events involved some actions in Brazil and Africa, and the trail of attacks in Turkey that even characterized the first half of the month. The chronicles of the month also report an unsuccessful operation: the results of the so-called OpPetrol have been negligible (most of all in comparison to the huge expectations) with few nuisance-level attacks.

On the cyber crime front, the most remarkable events involved the attacks against Blizzard, that forced the company to temporarily close mobile access to its auction service, a serious breach against a Samsung service in Kazakhstan, a targeted attack against the internal network of Opera Software (aimed to steal code signing certificates) and several attacks to some DNS registrars. In particular the most serious has been perpetrated against Network Solutions, affecting nearly 5000 domains, among which LinkedIn.

As usual, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012 and now 2013 (regularly updated). You may also want to have a look at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

16-31 June 2013 Cyber Atacks Timeline Read more…

About these ads

The Party Is Not Over! 250,000 Twitter accounts compromised!

February 2, 2013 6 comments

The Information Security Community is still commenting the Cyber Attacks against U.S. media companies and here it is another clamorous news in this February Weekend!

twitterposOn the wake of the admissions made by The New York Times and The Wall Street Journal, Twitter has revelaed in a blog post, to have detected, over the last week, unusual access patterns that led to identify unauthorized access attempts to some user data. They even discovered, and were able to shut down, one live attack, but their effort did not prevent the attackers to access user information for 250,000 users. The compromised data for the affected users includes : usernames, email addresses, session tokens and encrypted/salted passwords.

As a precautionary security measure, the social network has reset the passwords and revoked the session tokens for the affected accounts. The impacted users would have received (or will soon receive) an email, notifying them to create a new password.

This is not the first time that a primary social network is hacked: on June 2012 LinkedIn had 6.5 million accounts compromised.

The problem is that our online experience is getting harder and harder: counting (and immediately patching) all the exploitable 0-day vulnerabilities of the browsers and their components  is getting harder and harder (see the Java saga for example), and apparently even protection technologies are not so useful

Beware Of Linkedin Scams

May 11, 2012 1 comment

You know, social media have become the last fronteer of spam and and scam. Yesterday I received a strange message from an unkown (i.e. non-existant, at least when I checked) LinkedIn Profile, inviting me to message my email address for a purpotred “undervalued $tock bid”. In this hard times the perpsective of easy money sounds appealing but…

…Always remember that LinkedIn is particularly attractive for cybercrookers since contacts have a bigger level of trust and confidence and the victims are lead to  lower the barreers of mistrust (the human firewall).

Anyway, in case of suspect messages from LinkedIn always check the LinkedIn Checkbox (in this case, needless to say, the message was not listed, nor was the linkedin profile existant).

Social Reputation On Sale

May 21, 2011 1 comment

Would you buy an used car from a Girl Like That? Mmh… probably she is not the best person for this kind of deal, but I grant you that if you wish to buy some pounds of social reputation on sale she is just the right (virtual) person. You only need to go on Twitter and search for @JuliannaAlln to understand why…

Some hours after publishing my last post about Mr. Obama’s speech and its implications for Revolution 2.0 (thanks to @brunehel for suggesting this intriguing name) I received a strange mention from @JuliannaAlln:

@paulsparrows: I just saw your tweet about Linkedin. This site is great for adding LinkedIn connections: http://is.gd.dfnfQV

Tweet about Linkedin? It sounded strange to me, even if in a certain sense the last tweet mentioned Social Networks, it had (nearly) nothing to deal with LinkedIn.

I could not help noticing the attractive young girl on the picture (a typical stereotype of social honeypots), and consequently at first glance I immediately thought about the affair of @PrimorisEra or Robin Sage. Anyway, since it is really unlikely that my unconfessable secrets may be of any interest to someone for the purpose of espionage or whatever else, this idea without rhyme or reason only lasted a few seconds: the truth is far less romantic and is just a click far from the link contained in the tweet.

As a matter of fact the link inside the tweet brings you to Viralso, an Internet Marketing Agency, whose main course consists in selling Social Reputation: with “only” 89 bucks per month you may choose to reach the mentionable amount of 2400 LinkedIn connections (with a Delivery Rate of 200 per Month) or 2000 Twitter followers (understandably, inventing building a social profile on LinkedIn where you must prove the references of your skills is much harder). If instead you want to surprise your friends on Facebook with an endless array of friends, there is no problem at all: with “only” 89 bucks per month 500 new friends (per month as well) will bring you to the noticeable number of 2400 friends. In any case you will be able to become a “social black hole (in the sense that you will be able to attract anything to your profile) with 100% satisfaction guaranteed.

Analyzing the matter more seriously, I find that this is only the latest implication of the polymorphic main concern of social networks which is Reputation, from a security perspective (may you really trust who you are talking to?) but also from an individual and (real) social perspective. In particular from an individual perspective the social reputation (and social impact and credibility) is not built upon what one individual is (because the real identity is hidden behind an avatar) rather than upon the number of friends, followers or contacts, one individual is able to show, even if there is no way to prove the real identity of them. If I cannot show or prove who I am I can only use indirect tools (i.e. my contacts) to build my reputation.

The worrying thing relies on the fact that apparently there is no difference between personal and professional social networks: I might also understand the presumption by “virtual flirt hunters”, of flaunting thousands of Facebook friends to impress unlikely preys; unlikely I hardly understand how a huge amount of fake professional contacts on LinkedIn could work, in a social networks where the references, at least on paper, can be verified. Maybe even for this reason the LinkedIn IPO was far beyond the most optimistic expectations (seems to be back at ten years ago).

Even if the agency claims that:

We do not incentivize people to Become a Connection on LinkedIn

We use proprietary marketing techniques to find “real people” that will become a LinkedIn connection.

the qoutes around the term “real people” are more meaningful than a thousand words (and now that I know that the marketing process is based on the strategies used by President Obama, and, most of all, by Britney Spears I feel much more confortable). Actually I really would be very curious to know how the not better defined “proprietary marketing techniques” are able to build the fake profiles, and to check, most of all on LinkedIn, their level of (social) reliability, anyway I must confess that rather than trying it, I much prefer to spend my bucks (or better my Euros, or Euri how we say in Italy) for a real social life, for instance with some real friends and a fresh beer…

Social Espionage

Updated on 5/6/2011: Primoris Era is Back!

Few days ago the Twitter Community was shaken by the affair of @PrimorisEra AKA “The tweeter who loved me”, a Twitter user with more than 23.000 tweets and 1300 followers, depicting herself as a young, attractive woman with a keen interest in missile technology and national security strategy. Her sudden departure has subsequently created many questions and concerns about the security of information on the Internet and Social Network. As a matter of fact, more than a few Twitter users who work in national security panicked upon hearing the accusation lodged against @PrimorisEra, since it looks like she (or he) allegedly requested sensitive information using Twitter’s Direct Messaging, or DM, service, persuading several young men on Twitter (and Facebook as well) to divulge sensitive information for more than two years.

Albeit this interesting article explains the (alleged) real story behind, and in a certain manner belittles the spy story, social pitfalls (socialeaks) remain more relevant than ever.

This does not sound surprising to me: as soon as my colleague David told me the story (of course by mean of a tweet), the notorious affair of Robin Sage came immediately to my mind: a fake Facebook (and LinkedIn) Profile of a Cyber Threat Analyst, who  was capable to gain access to email addresses, bank accounts and location of secret military units from her 300 contacts, persuading them to be a 25-year-old “cyber threat analyst” at the Naval Network Warfare Command in Norfolk, Virginia, graduated from MIT, with 10 years of work experience, despite her young age (she was also given private documents for review and was offered to speak at several conferences).

Lesson learned? Not at all, (nearly) every security professional should know very well, at least in theory, the story of Robin Sage and the consequent risks connected with a fickle Social behavior, most of all in those blurred cases when professional and personal information overlaps. Never ignore the first rule: young attractive girls have nothing to do with geeks, even if they often have persuading arguments, sometimes so persuading to tear down the personal natural defenses (the first form of “physical” security), especially in those cases (as in the example of Robin Sage) when other trusted peers have already fallen in the (honey)trap, and consequently appear between the contacts of the fake profile.

Even if @PrimorisEra or @LadyCaesar (another pseudonym of her Digital Identity) is not a spy in the pay of any foreign country, the possibility to use the Social Network for espionage, SecOps, or PsyOps is far from being remote. Indeed is a consolidated practice and may already rely on an (in)famous example: the one of Anna Chapman, the 28 years old Russian Spy, living in new york, arrested on 27 June 2010, together with other 9 people, on suspicion of working for Illegals Program spy under the Russian Federation’s external intelligence agency. One of the noticeable aspects of the whole story was just her Facebook profile full of hot pictures (and equally hot comments) used to attract friends, and probably as one of the ways to grab information (curiously it looks like she did not show how many friends she had, as to say, unlike everyone else, that spies apparently know how to deal with Facebook privacy settings.

Read more…


Get every new post delivered to your Inbox.

Join 2,705 other followers