You are viewing 'Social Media Security'

Facebook isn’t Safebook!

ImageGate allows Ransomware Infection

David Biser

November 29, 2016 - Posted by David Biser to Security News


With so many users accessing Facebook within corporate networks, it is imperative that your security team be up to date on current threats involving social media. A well-known piece of malware, Locky Ransomware, is spreading via Facebook Messenger by pretending to be a harmless image file. Since many companies allow employees to access Facebook, this presents a potentially massive hole in security programs.

The initial reports on this piece of ransomware show a commonality among the type of infection vector and approach used by the attackers. First, the user receives an instant message containing only an image file, or what appears to be an image file. It is usually titled generically with a .svg extension. A .svg (Scalable Vector Graphics) is an XML-based vector image, which is formatted for two dimensional graphics and support for animation and interactivity. These image files can be created and edited with any text... read more >

Social Media Exploitation

How social media makes you an easy target

Kyle Brosseau

March 10, 2016 - Posted by Kyle Brosseau to Security Insight

Social Media Security

Facebook, Instagram, Twitter, Pinterest, flickr, Tumblr, LinkedIn, etc. (the list could go on and on) are all well-known social networking sites. They have all become popular communications media for the vast majority of people. Take a minute to think about what some of these sites might say or what information they might have about you. 

Got it?

Now think about that information and if someone with malicious intent might be able to use it against you. Below is a quick... read more >

Common Sense Holiday Travel Security Tips

Social Media Scrooges

Michael Born

November 24, 2015 - Posted by Michael Born to Security Insight

I recently had the pleasure of providing security guidance for a news story presented by the local Fox® affiliate. Since the reporter took a few liberties with what I actually said, I thought I would give you, the reader, these tips directly. So, here we go!

Some of what I’m about to say may seem like common sense but to the excited traveler anxiously awaiting a getaway weekend for the upcoming holidays, maybe not. There seems to be a common theme lately of people posting images of their boarding pass on social media sites, unaware of the dangers this actually poses. If we take a moment and examine the various boarding documents of the major airlines, we see a common occurrence of information, all of which when used together can pose pretty serious risk to the unaware holiday traveler.

Delta Airlines® Boarding... read more >

Halloween Cyberspooktacular

Tips to keep your family safe and secure online

Robert Clauff

October 30, 2015 - Posted by Robert Clauff to Security Insight

I can say without a doubt that Halloween is my favorite holiday. I love the feeling of fall, the pumpkin carving, the apple cider, the delicious candy, the crazy costumes and the ability to really scare someone for one night a year.

I used to love being scared, and scaring those in return. Although, that all changed this year. My two kids, who are 7 and 8, are now getting to the age where they are starting to use computers, apps, and the dreaded Internet. My son is exceptionally advanced when it comes to technology as well, which doesn’t help. This is the scariest thing I have experienced in quite some time — knowing what it is like in cyberspace and all the... read more >

OPSEC in a Digital World

NCSAM Week 4: Your Evolving Digital Life

Jeremy Scott

October 19, 2015 - Posted by Jeremy Scott to Security Insight

Week 4 of National Cyber Security Awareness Month (NCSAM) discusses “Your Evolving Digital Life.” With the Internet becoming more and more integrated in our daily lives, we are opening ourselves up to new threats and challenges. To illustrate my point, let’s discuss a Facebook example while applying the Operations security (OPSEC) process.

OPSEC is a term that originated with the U.S. military. OPSEC is a process that determines if information obtained by adversaries could be interpreted to be useful to them, and using the appropriate measures to eliminate or minimize the exploitation of that information. Simply stated, OPSEC is the protection of information so that it cannot be used against you by your enemies. As our digital lives evolve, we need to be sure to practice good OPSEC.

If we look at the OPSEC process, you can see how it can be applied to how we handle our digital lives. The OPSEC process... read more >

1 | 2 | 3 | 4 | 5 | Older Entries >>

Voted one of the Best Computer Security Blogs 2016
NTT Security (US), Inc. (formerly Solutionary) is a security consulting and managed security services provider. The NTT Security blog is a place for IT professionals to both learn and talk about the latest in IT security and compliance.

Get the NTT Security Blog delivered to your inbox!

Enter your Email:

(We will not share your email or use it for anything else.)