The Hamas Threat of Hostage Execution Videos Looms Large Over Social Media

Hamas has threatened to broadcast videos of hostage executions. With the war between Israel and Hamas poised to enter a new phase, are social platforms ready?

Hackers Target U.S. Facebook Biz Accounts With Potent Malware

Who’s Responsible for the Gaza Hospital Explosion? Here’s Why It’s Hard to Know What’s Real

A flood of false information, partisan narratives, and weaponized “fact-checking" has obscured efforts to find out who’s responsible for an explosion at a hospital in Gaza.

Elon Musk’s Main Tool for Fighting Disinformation on X Is Making the Problem Worse, Insiders Claim

X is promoting Community Notes to solve its disinformation problems, but some former employees and people who currently contribute notes say it’s not fit for that purpose.

Californians Can Scrub Personal Info Sold To Advertisers With First-In-US Law

A Graphic Hamas Video Donald Trump Jr. Shared on X Is Actually Real, Research Confirms

A video posted by Donald Trump Jr. showing Hamas militants attacking Israelis was falsely flagged in a Community Note as being years old, thus making X's disinformation problem worse, not better.

Elon Musk Is Personally Undermining X’s Efforts to Curb Israel-Hamas War Disinformation

X’s Trust and Safety team says it’s working to remove false information related to the Israel-Hamas war. Meanwhile, Elon Musk is sharing conspiracies and chatting with QAnon promoters.

The Israel-Hamas War Is Drowning X in Disinformation

People who have turned to X for breaking news about the Israel-Hamas conflict are being hit with old videos, fake photos, and video game footage at a level researchers have never seen.

Retool Falls Victim to SMS-Based Phishing Attack Affecting 27 Cloud Clients

Software development company Retool has disclosed that the accounts of 27 of its cloud customers were compromised following a targeted and SMS-based social engineering attack. The San Francisco-based firm blamed a Google Account cloud synchronization feature recently introduced in April 2023 for making the breach worse, calling it a "dark pattern." "The fact that Google Authenticator syncs to

TikTok Fined 345m Euros By Watchdog Over How It Processed Children's Data

Big Tech Has Failed To Police Russian Disinformation

TikTok Opens Dublin Data Centre To Ease China Spying Fears

Okta Warns of Social Engineering Attacks Targeting Super Administrator Privileges

Identity services provider Okta on Friday warned of social engineering attacks orchestrated by threat actors to obtain elevated administrator permissions. “In recent weeks, multiple U.S.-based Okta customers have reported a consistent pattern of social engineering attacks against IT service desk personnel, in which the caller’s strategy was to convince service desk personnel to reset all

EU Safety Laws Start To Bite For TikTok, Instagram, And Others

How X Is Suing Its Way Out of Accountability

The social media giant filed a lawsuit against a nonprofit that researches hate speech online. It’s the latest effort to cut off the data needed to expose online platforms’ failings.

Microsoft Exposes Russian Hackers' Sneaky Phishing Tactics via Microsoft Teams Chats

Microsoft on Wednesday disclosed that it identified a set of highly targeted social engineering attacks mounted by a Russian nation-state threat actor using credential theft phishing lures sent as Microsoft Teams chats. The tech giant attributed the attacks to a group it tracks as Midnight Blizzard (previously Nobelium). It's also called APT29, BlueBravo, Cozy Bear, Iron Hemlock, and The Dukes.

Mastodon Fixes Critical TootRoot Vuln Allowing Node Jacking

How Threads' Privacy Policy Compares to Twitter's (and Its Rivals')

Want to try out Meta’s new social media app? Here’s more context on what personal data is collected by Threads and similar social media apps.

Don't Join Threads—Make Instagram's 'Twitter Killer' Join You

Meta’s Twitter alternative promises that it will work with decentralized platforms, giving you greater control of your data. You can hold the company to that—if you don't sign up.

Cybercrime Group 'Muddled Libra' Targets BPO Sector with Advanced Social Engineering

A threat actor known as Muddled Libra is targeting the business process outsourcing (BPO) industry with persistent attacks that leverage advanced social engineering ploys to gain initial access. "The attack style defining Muddled Libra appeared on the cybersecurity radar in late 2022 with the release of the 0ktapus phishing kit, which offered a prebuilt hosting framework and bundled templates,"

Kimsuky Targets Think Tanks and News Media with Social Engineering Attacks

The North Korean nation-state threat actor known as Kimsuky has been linked to a social engineering campaign targeting experts in North Korean affairs with the goal of stealing Google credentials and delivering reconnaissance malware. "Further, Kimsuky's objective extends to the theft of subscription credentials from NK News," cybersecurity firm SentinelOne said in a report shared with The

ByteDance Accused Of Helping China Spy On Hong Kong Activists

Inside 4chan’s Top-Secret Moderation Machine

Internal company documents reveal how the imageboard’s chaotic moderation allowed racism and violence to take over.

War Crimes Evidence Erased By Social Media Firms

5 free OSINT tools for social media

A roundup of some of the handiest tools for the collection and analysis of publicly available data from Twitter, Facebook and other social media platforms

The post 5 free OSINT tools for social media appeared first on WeLiveSecurity

Meta Fined $1.3 Billion, Ordered To Stop Sending EU Data To US

Meta’s $1.3 Billion Fine Is a Strike Against Surveillance Capitalism

The record-breaking GDPR penalty for data transfers to the US could upend Meta's business and spur regulators to finalize a new data-sharing agreement.

Buffalo Mass Shooting Victims' Families Sue Meta, Reddit, Amazon

The families of victims of a mass shooting in Buffalo are challenging the platforms they believe led the attacker to carry out a racist massacre.

Twitter’s Encrypted DMs Are Deeply Inferior to Signal and WhatsApp

The social network’s new privacy feature is technically flawed, opt-in, and limited in its functionality. All this for just $8 a month.

TikTok Spied On Me. Why?

Facebook Cracks Down On Malware Actors Targeting Biz Accounts

Meta Says ChatGPT-Related Malware Is On The Rise

Using Discord? Don’t play down its privacy and security risks

It’s all fun and games until someone gets hacked – here’s what to know about, and how to avoid, threats lurking on the social media juggernaut

The post Using Discord? Don’t play down its privacy and security risks appeared first on WeLiveSecurity

A US Bill Would Ban Kids Under 13 From Joining Social Media

The legislation would insert the government into online platforms’ age-verification efforts—a move that makes some US lawmakers queasy.

Crime Agencies Condemn Meta's Encryption Plans

Montana’s Looming TikTok Ban Is a Dangerous Tipping Point

The state is poised to be the first in the US to block downloads of the popular app, which could ignite a precarious chain reaction for digital rights.

LinkedIn Deploys New Secure Identity Verification For All Members

LinkedIn Verification Now Lets You Verify Your Job and Account

To beat back fake accounts, the professional social network is rolling out new tools to prove you work where you say you do and are who you say you are.

Cleaning up your social media and passwords: What to trash and what to treasure

Give your social media presence a good spring scrubbing, audit your passwords and other easy ways to bring order to your digital chaos

The post Cleaning up your social media and passwords: What to trash and what to treasure appeared first on WeLiveSecurity

TikTok Fined £12.7m For UK Data Protection Law Breaches

How Good Smile, a Major Toy Company, Kept 4chan Online

Documents obtained by WIRED confirm that Good Smile, which licenses toy production for Disney, was an investor in the controversial image board.

Staying safe on OnlyFans: The naked truth

How content creators and subscribers can embrace the social media platform without (overly) exposing themselves to the potentially toxic brew of NSFW content and privacy threats

The post Staying safe on OnlyFans: The naked truth appeared first on WeLiveSecurity

Five Takeaways From TikTok CEO's Congress Grilling

What TikTok knows about you – and what you should know about TikTok

As TikTok CEO attempts to placate U.S. lawmakers, it’s time for us all to think about the wealth of personal information that TikTok and other social media giants collect about us

The post What TikTok knows about you – and what you should know about TikTok appeared first on WeLiveSecurity

The TikTok Hearing Revealed That Congress Is the Problem

The interrogation of CEO Shou Zi Chew highlighted US lawmakers’ own failure to pass privacy legislation.

TikTok Paid for Influencers to Attend the Pro-TikTok Rally in DC

The embattled social media company brought out the checkbook to ensure at least 30 of its biggest assets—creators—were in DC to help fend off critics.

The TikTok CEO’s Face-Off With Congress Is Doomed

On Thursday, Shou Zi Chew will meet a rare united front in the US Congress against the Chinese-owned social media app that has lawmakers in a tizzy.

Twitter ends free SMS 2FA: Here’s how you can protect your account now

Twitter’s ditching of free text-message authentication doesn’t mean that you should forgo using 2FA. Instead, switch to another – and, indeed, better – 2FA option.

The post Twitter ends free SMS 2FA: Here’s how you can protect your account now appeared first on WeLiveSecurity

Senator Warner on the Restrict Act and a US TikTok Ban

WIRED spoke with the coauthor of the Restrict Act, a bipartisan bill to crack down on tech from six “hostile” countries.

Info Stealer Targets Facebook Business Accounts

TikTok Answers Three Big Cybersecurity Fears About The App

The Push to Ban TikTok in the US Isn’t About Privacy

Lawmakers are increasingly hellbent on punishing the popular social network while efforts to pass a broader privacy law have dwindled.

New S1deload Malware Hijacking Users' Social Media Accounts and Mining Cryptocurrency

An active malware campaign has set its sights on Facebook and YouTube users by leveraging a new information stealer to hijack the accounts and abuse the systems' resources to mine cryptocurrency. Bitdefender is calling the malware S1deload Stealer for its use of DLL side-loading techniques to get past security defenses and execute its malicious components. "Once infected, S1deload Stealer steals

Coinbase breached by social engineers, employee data stolen

Another day, another "sophisticated" attack. This time, the company has handily included some useful advice along with its mea culpa...

Will The Supreme Court End Social Media As We Know It This Week?

Coinbase Employee Falls for SMS Scam in Cyber Attack, Limited Data Exposed

Popular cryptocurrency exchange platform Coinbase disclosed that it experienced a cybersecurity attack that targeted its employees. The company said its "cyber controls prevented the attacker from gaining direct system access and prevented any loss of funds or compromise of customer information." The incident, which took place on February 5, 2023, resulted in the exposure of a "limited amount of

Revealed: The Hacking And Disinformation Team Meddling In Elections

Hackers Abused Microsoft's "Verified Publisher" OAuth Apps to Breach Corporate Email Accounts

Microsoft on Tuesday said it took steps to disable fake Microsoft Partner Network (MPN) accounts that were used for creating malicious OAuth applications as part of a phishing campaign designed to breach organizations' cloud environments and steal email. "The applications created by these fraudulent actors were then used in a consent phishing campaign, which tricked users into granting

TikTok CEO To Testify Before U.S. Congress Over Security Concerns

Mastodon vs. Twitter: Know the differences

Looking for an alternative to Twitter and thinking about joining the folks flocking to Mastodon? Here’s how the two platforms compare to each other.

The post Mastodon vs. Twitter: Know the differences appeared first on WeLiveSecurity