Verdict lists five of the most popular tweets on cybersecurity in Q1 2021 based on data from GlobalData’s Influencer Platform. The top tweets were chosen from influencers as tracked by GlobalData’s Influencer Platform, which is based on a scientific process that works on pre-defined parameters. Influencers are selected after a deep analysis of the influencer’s relevance, network strength, engagement, and leading discussions on new and emerging trends.
Top tweets on cybersecurity in Q1 2021
1. Eric Geller’s tweet on Facebook taking actions against Chinese hackers
Eric Geller, cybersecurity reporter at POLITICO, a political journalism website, shared an article about Facebook threat intelligence analysts and security experts taking actions against a hackers’ group in China known as Earth Empusa or Evil Eye. The group specifically attacked activists, journalists and dissidents mainly among Uyghurs from Xinjiang in China, who lived in countries like the US, Australia, Canada and others.
Earth Empusa used cyber espionage tactics to find its targets and inject malware into their devices to spy on them by sharing links to malicious websites through Facebook. Facebook’s cyber experts prevent threats like cyber espionage campaigns regularly by notifying users on account protection and constantly updating the security of its products.
Facebook recognised the tactics, techniques and procedures (TTPs) used by Earth Empusa across the internet, including selective targeting and exploit protection, impersonation of news websites, use of phony third-party app stores and outsourcing of malware development. Facebook also informed its industry peers about the Chinese group’s tactics and notified the users who were believed to be affected by the attack.
Breaking: Facebook announces that it deleted accounts used by a Chinese govt hacking group to infect expat Uyghur activists and journalists with mobile malware. It also blocked the group's phishing sites and notified targets. https://t.co/KuPRWVOr4C pic.twitter.com/3SenceL5Gp
— Eric Geller (@ericgeller) March 24, 2021
Username: Eric Geller
Twitter handle: @ericgeller
2. Joseph Cox’s tweet on Apple’s latest iOS version neutralising zero-click attacks
Joseph Cox, senior staff writer at Motherboard, a technology website, shared an article about the modifications made by Apple to its next iOS version 14.5, making it tougher for hackers to control an iPhone through zero-click exploits. In a zero-click attack, hackers can take over an iPhone without the user having to interact with anything, such as a malicious phishing link.
The change in the upcoming iOS version is focussed on ISA pointers, a feature of the iOS code that tells a programme which code to use while it is running. Apple has been using a technology called pointer authentication codes (PAC) since 2018 to safeguard users from attacks that insert malicious code, by precluding hackers from using corrupted memory. The technology uses cryptography to validate these pointers and authenticate them before use.
The zero-click exploits are very sophisticated, which makes it much harder for target users to detect them. Several security experts working on the vulnerabilities in iOS opine that the latest change in the iOS could substantially reduce the frequency of attacks.
New: Apple is introducing a change in iOS that is going to make it harder for 0click attacks, where the user doesn't have to do anything to be hacked. Source who makes exploits for government customers and Apple itself said this https://t.co/DAN9L1dMQW pic.twitter.com/1CZR7tFnXc
— Joseph Cox (@josephfcox) February 22, 2021
Username: Joseph Cox
Twitter handle: @josephfcox
3. Dustin Volz’s tweet on Chinese hackers attacking Microsoft Exchange email
Dustin Volz, a cyber and intelligence reporter at The Wall Street Journal, shared an article about a cyberattack allegedly carried out by Chinese hackers on Microsoft Exchange email software. The attack impacted tens of thousands of the company’s clients in the US, including businesses, schools and government offices, apart from more than 250,000 global customers.
The Chinese hackers’ group was identified as Hafnium, a cyberespionage group. The attackers took advantage of a sequence of four flaws, known as zero days, in Microsoft’s Exchange software to penetrate email accounts and install unauthorised software. Microsoft provided users with a software patch for fixing the bugs.
The US Cybersecurity and Infrastructure Security Agency (CISA) directed the federal government agencies to either patch or disconnect products running on Microsoft Exchange, following the hack. The agency also advised its critical infrastructure partners in the private sector and state and local governments to patch their systems.
The potential scale of this hack is hard to overstate, with estimates of global victims into the hundreds of thousands. CISA held a call Friday with more than 4,000 critical infrastructure partners and state/local governments urging immediate patching. https://t.co/AFlO0763Go
— Dustin Volz (@dnvolz) March 6, 2021
Username: Dustin Volz
Twitter handle: @dnvolz
4. Zack Whittaker’s tweet on MobiKwik’s data breach
Zack Whittaker, security editor at TechCrunch, a tech news website, shared an article about a data breach at Indian mobile payments start-up MobiKwik that compromised the personal information of 100 million users. A site on the dark web claimed that it had access to MobiKwik’s user data worth 8.2TB, including scrambled passwords, phone numbers, email IDs and partial payment card numbers.
A seller on a cybercrime platform is claiming to sell access to the database for 1.2 bitcoin, which is approximately $70,000. Meanwhile, MobiKwik is seeking the help of Amazon for logs related to its cloud service, after realising that its cloud storage data was downloaded by an outsider. The payments start-up is working with authorities and is positive that the security protocols that enable storing sensitive information have not been breached.
This MobiKwik data breach gets even worse. @refsrc reports that MobiKwik may have known a *month ago* that user data had been taken from its cloud storage. More: https://t.co/OZJxZSqmGv https://t.co/o5ruSOBVgG
— Zack Whittaker (@zackwhittaker) March 30, 2021
Username: Zack Whittaker
Twitter handle: @zackwhittaker
5. Troy Hunt’s tweet on data breach at Kroger
Troy Hunt, a web security consultant, shared an article about American retailer Kroger suffering a data breach, following an attack by hackers on a service that enables secure transfer of files. The hack makes Kroger the latest victim of the security vulnerability detected in the Accellion FTA software, which has become the target of attackers in recent months.
The hack exposed Kroger’s employee and pharmacy data, although grocery store data and payment information were not breached. The retailer is contacting those affected by the data breach through postal mail, offering them one year of free credit monitoring. Kroger immediately stopped using Accellion’s service after the data breach.
Kroger data breach exposes pharmacy and employee data https://t.co/xMkcISzBDe
— Troy Hunt (@troyhunt) February 20, 2021
Username: Troy Hunt
Twitter handle: @troyhunt