Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

View all posts > 

Filtered by : Twitter

Twitter Adopt 2FA; Here Is What You Can Do

Posted: 23 May 2013 09:01 AM | Drendell_


In the wake of recent account compromises, including Associated Press and the rampant breaches orchestrated by the "Syrian Electronic Army", Twitter have recently released 2FA (2 Factor Authentication), which is a most welcome addition to bolster users' security. It is not, however, the be-all and end-all: users are still responsible for choosing strong, hard-to-guess passwords. If your password is compromised, control of your account may be lost to malicious actors.

 

While it's true that, given enough time and resources, all passwords are crackable regardless of their complexity – a pass-string of 200 random characters is ultimately just as vulnerable to brute forcing as a password containing just one character – the aim of a complex pass-string  is to make an attack chronologically infeasible. Let’s first take a look at the total number of possible combinations for a given base of elements:

 

 

 

...

Read more > 

Filed under: , ,

no comments

Battered Twitter, Phish but no Chips! [Updated]

Posted: 05 Feb 2013 04:47 PM | Jason Hill


Hot on the heels of Friday’s announcement by Twitter that they ‘detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data’ and subsequent confirmation that ‘attackers may have had access to limited user information’ for  ‘approximately 250,000 users’,  Websense® Security Labs™ are tracking a phishing campaign propagated via Twitter’s direct message functionality.

...

Read more > 

Filed under: , ,

no comments

London Olympics Search Results Lead to Objectionable Sites

Posted: 10 Aug 2012 05:58 PM | Elisabeth Olsen


We’ve previously blogged about Olympic ticket scams , phishing , malware designed to propagate through social networking, and other Olympic security concerns . We also know that hackers take advantage of people searching for breaking news and trending topics about the Olympics through various SEO...

Read more > 

Filed under: ,

no comments

Twitter OnMouseOver Flaw In The Wild

Posted: 21 Sep 2010 02:28 PM | Carl Leonard


As of this morning we have been monitoring a flaw on twitter.com that delivers pop-ups to Twitter users when they move their mouse cursor over a specially crafted tweet. There is also the potential to deliver status updates when mousing over a tweet and altering the display of the Twitter status on user's...

Read more > 

Filed under: , ,

no comments

Twitter Spam: Is It Just Me Or…

Posted: 25 Sep 2009 06:26 PM | Defensio, the blog


Is it just me, or spam on Twitter has been growing exponentially recently? I've always been getting the occasional good-looking-not-very-dressed new follower notification by email, but recently, I've been receiving @ messages like this: What is your experience with this? What kind of spam are you seeing on Twitter? Is there anything Defensio could do to make your life better on Twitter?

Read more > 

Filed under: ,