New Episode Alert EP130

The Big Twitter Hack and Show Updates! 👍

With the current state of the world, it's a great time to think about how to better protect our digital privacy. And Silent Pocket makes it easy with their product line of patented Faraday bags, phone cases, and wallets which will make your devices untrackable, unhackable and undetectable. Visit

and use discount code "sharedsecurity" to receive 15% off of your order during checkout.

Over 90% of individuals show risky behavior in handling potential phishing messages according to Click Armor's free

. This engaging coronavirus edition of CanIBePhished.com can help identify your team's total vulnerability to phishing attacks that exploit the pandemic situation. So test your own vulnerability to phishing attacks for free now at

.

Show Updates: New Name, Logo, and Website!

You may have noticed a few changes around here at the Shared Security Show. The first change is our logo and our name. We dropped "podcast" from the name and added "show" since we felt that the content we bring you every week is much more than a podcast. The plan is to really increase our content on YouTube, giving you more visual ways to consume the content you hear every week on the audio version of the show, which of course will continue. Think of our YouTube channel as just another outlet for you to get our weekly content. We've also launched a new logo and website, which is the first brand refresh we've done in 10 years. Let us know your feedback and if you encounter any issues with the new website. We hope you enjoy these new updates, and thank you for listening and supporting the show!

Twitter blames 'coordinated' attack on its systems for hack of Joe Biden, Barack Obama, Bill Gates and others

The major story last week was the news about

where the Twitter accounts of many high-profile politicians, celebrities, and companies, including Joe Biden, Elon Musk, Bill Gates, Barack Obama, Uber, and Apple, tweeted a cryptocurrency scam to millions of their followers last Wednesday. This is what's called an impersonation attack, where the trust users place in a known account is exploited to get them to click a link or, in this case, send bitcoin to a scam address. Initial reports about how the attack happened ranged from account password compromises, a vulnerability in Twitter's password reset and two-factor authentication process, and SIM swapping attacks, to a theory that social engineering was to blame. That last theory had some credibility, since Twitter posted on its support account, quote, "We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools," end quote. But was social engineering really to blame? Well, the plot thickens, because on Thursday

that, according to leaked screenshots and other details provided, a Twitter employee may have been responsible for the attack. Anonymous sources apparently told Motherboard, quote, "We used a rep that literally done all the work for us," and a second source said that they even paid this insider for administrative access. The attacks may have been carried out by changing the account's email address through an internal Twitter administration tool, which would let the attackers initiate a password reset and receive the reset link at an address they controlled.

This recent attack is very concerning considering that the attackers could have done something far worse, like causing Tesla stock to crash through a fake Elon Musk tweet, inciting panic with a tweet from the president stating that aliens have landed, or causing other such chaos when famous people are impersonated.

. The NFL had about 12 team accounts hacked in January, and last August Twitter CEO Jack Dorsey, whose account is followed by more than 4 million people, had his account hacked through an apparent SIM hijacking attack. And those are just the most recent incidents. Keep in mind, this is still a developing story, so whether social engineering was involved or a Twitter employee was actually paid off, we won't know for certain until Twitter releases its official statement on the attack. Which will probably come as a Tweet on Twitter.

Microsoft warns of critical Windows DNS Server vulnerability that’s ‘wormable’

Now there was another big story last week that seemed to get buried under the news about the big Twitter hack, and that was the story about the critical flaw in

. The flaw, which has apparently been present for 17 years, is described as wormable, meaning that an exploit could spread from one vulnerable system to another on its own, without any user interaction. What makes this vulnerability even worse is that it affects Windows DNS Server, which is used by many organizations and businesses, leaving an easy way for malware to spread within a corporate network. DNS (Domain Name System) is basically a giant address book that translates a domain name like sharedsecurity.net to its IP address so that applications like your web browser can load a website. And while most Windows DNS servers are used internally rather than externally (meaning they are not the DNS servers that power the public Internet), an attacker who controls one can redirect an entire corporate network's traffic and do a lot of very bad things. Keep in mind, too, that Windows DNS Server commonly runs on Active Directory domain controllers, so compromising the DNS service can mean compromising the domain controller itself. Remotely exploitable flaws in DNS server software are rare, which makes this one a top priority for system administrators to take seriously. The good news is that Microsoft has already released a workaround to protect against the flaw until system administrators can install the patch, which is available right now from Microsoft.

Email impersonations becoming pervasive, preying on a distracted and dispersed workforce

And along the same lines as the big Twitter attack this week,

because more people are working from home due to COVID-19. According to a new survey report from GreatHorn, 48.7% of respondents reported seeing impersonations of people such as colleagues, customers or vendors. Not only that, 42% report seeing impersonations of well-known brands in their inbox, a sharp increase from 22.4% in 2019. Furthermore, 10% of participants flagged brand impersonations as their top email threat, up from 4.8% in 2019. To make matters worse, IT security teams are being stretched to their limits, with 33% of IT administrators stating that they need to remediate an email-based attack every day. As we just saw with the Twitter attack, impersonating people we inherently trust is usually successful because attackers use social engineering techniques that project authority, urgency, and authenticity to trick you into clicking a link or to scam you out of your hard-earned money. The key is to always be vigilant and cautious with not just emails but text messages, and of course social media posts like we saw recently on Twitter. Remember the saying "trust but verify"? I think it's good to be reminded of this phrase with the rise and frequency of impersonation attacks.
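As an added example (not code from the show notes or from the GreatHorn report), here is what "trust but verify" looks like when turned into a mail-triage check for the three impersonation patterns the paragraph describes: a colleague's display name on a stranger's address, a look-alike brand domain, and a Reply-To that quietly routes the conversation elsewhere, plus the urgency language that social engineers lean on. The organisation directory, protected-brand list and the three sample messages are all constructed for this illustration and are hypothetical.

```python
"""Trust-but-verify header checks for the impersonation patterns described above.

Added example, not code from the show notes or the GreatHorn report. The
directory, brand list and sample messages are constructed for illustration.
"""
import email
from email.utils import parseaddr

# Hypothetical organisation: its own domain and a display-name -> address directory.
CORP_DOMAIN = "example.com"
COLLEAGUES = {
    "Alice Chen": "alice.chen@example.com",
    "Bob Patel": "bob.patel@example.com",
}
# Brands whose names and domains we watch for (a tuple keeps the finding order stable).
PROTECTED_BRANDS = ("paypal.com", "microsoft.com", "dropbox.com")
# Words that signal the urgency/authority pressure social engineers rely on.
URGENCY_WORDS = ("urgent", "immediately", "wire", "gift card", "asap", "password")


def normalize(domain):
    """Fold common homoglyph tricks (rn->m, 0->o, 1->l, 3->e, 5->s) so look-alikes compare equal."""
    return domain.lower().replace("rn", "m").translate(str.maketrans("0135", "olse"))


def edit_distance(a, b):
    """Levenshtein distance; a tiny distance between a sender domain and a brand is suspicious."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def _is_brand_domain(domain, brand):
    return domain == brand or domain.endswith("." + brand)


def analyze(raw_message):
    """Return the list of impersonation indicators found in a raw RFC 5322 message."""
    msg = email.message_from_string(raw_message)
    findings = []
    name, addr = parseaddr(msg.get("From", ""))
    addr = addr.lower()
    domain = addr.rpartition("@")[2]

    # 1. A known colleague's display name on an address that is not theirs.
    expected = COLLEAGUES.get(name)
    if expected and addr != expected:
        findings.append("display-name-impersonation")

    # 2. Sender domain is a typo or homoglyph look-alike of a protected brand.
    for brand in PROTECTED_BRANDS:
        if _is_brand_domain(domain, brand):
            continue  # genuine brand domain or one of its subdomains
        if normalize(domain) == brand or edit_distance(domain, brand) <= 2:
            findings.append(f"lookalike-domain:{brand}")

    # 3. Brand name in the display name, but the mail did not come from that brand.
    for brand in PROTECTED_BRANDS:
        if brand.split(".")[0] in name.lower() and not _is_brand_domain(domain, brand):
            findings.append(f"brand-name-impersonation:{brand}")

    # 4. Replies are steered to a different domain than the one shown in From.
    _, reply = parseaddr(msg.get("Reply-To", ""))
    if reply and reply.lower().rpartition("@")[2] != domain:
        findings.append("reply-to-mismatch")

    # 5. Pressure language in the subject line.
    subject = msg.get("Subject", "").lower()
    if any(word in subject for word in URGENCY_WORDS):
        findings.append("urgency-language")
    return findings


# Constructed sample messages (not real mail).
MSG_COLLEAGUE = (
    'From: "Alice Chen" <alice.chen@gmail-mail.net>\n'
    "Reply-To: accounts@freemailer.example\n"
    "To: bob.patel@example.com\n"
    "Subject: URGENT: wire transfer needed before 5pm\n"
    "\n"
    "Bob, I am in a meeting, please process the attached invoice today.\n"
)
MSG_BRAND = (
    'From: "PayPal Support" <service@paypa1.com>\n'
    "To: bob.patel@example.com\n"
    "Subject: Your account access has been limited\n"
    "\n"
    "Click the link to restore access.\n"
)
MSG_LEGIT = (
    'From: "Bob Patel" <bob.patel@example.com>\n'
    "To: alice.chen@example.com\n"
    "Subject: Lunch next week?\n"
    "\n"
    "Tuesday or Wednesday works for me.\n"
)

if __name__ == "__main__":
    for label, raw in (("colleague", MSG_COLLEAGUE), ("brand", MSG_BRAND), ("legit", MSG_LEGIT)):
        print(f"{label}: {analyze(raw) or 'no indicators'}")
```

These are header-only heuristics, so they will produce false positives (a colleague mailing from a personal address, an unrelated domain that happens to sit two edits from a brand) and should be tuned per organisation; the point is that each finding is a concrete "verify" step a recipient or a mail gateway can take before trusting the displayed name.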

Watch this episode on our YouTube Channel!


Please support our sponsors!

Take advantage of this exclusive offer and help support this podcast!

Visit

to shop Silent Pocket's great line of privacy focused products.