April 30, 2021

Twitter round-up: Eric Geller’s tweet on Facebook taking actions against Chinese hackers most popular tweet in Q1 2021

By GlobalData Technology

Verdict lists five of the most popular tweets on cybersecurity in Q1 2021 based on data from GlobalData’s Influencer Platform. The top tweets were chosen from influencers as tracked by GlobalData’s Influencer Platform, which is based on a scientific process that works on pre-defined parameters. Influencers are selected after a deep analysis of the influencer’s relevance, network strength, engagement, and leading discussions on new and emerging trends.

Top tweets on cybersecurity in Q1 2021

1. Eric Geller’s tweet on Facebook taking actions against Chinese hackers

Eric Geller, cybersecurity reporter at POLITICO, a political journalism website, shared an article about Facebook threat intelligence analysts and security experts taking action against a hacking group in China known as Earth Empusa or Evil Eye. The group specifically attacked activists, journalists and dissidents, mainly among Uyghurs from Xinjiang in China, who lived in countries like the US, Australia, Canada and others.

Earth Empusa used cyber espionage tactics to find its targets and, by sharing links to malicious websites through Facebook, inject malware into their devices to spy on them. Facebook’s cyber experts regularly prevent threats like cyber espionage campaigns by notifying users about account protection and constantly updating the security of its products.

Facebook recognised the tactics, techniques and procedures (TTPs) used by Earth Empusa across the internet, including selective targeting and exploit protection, impersonation of news websites, use of phony third-party app stores and outsourcing of malware development. Facebook also informed its industry peers about the Chinese group’s tactics and notified its users who were believed to be affected by the attack.

Username: Eric Geller

Twitter handle: @ericgeller

Retweets: 217

Likes: 368

2. Joseph Cox’s tweet on Apple’s latest iOS version neutralising zero-click attacks

Joseph Cox, senior staff writer at Motherboard, a technology website, shared an article about the modifications made by Apple to its next iOS version 14.5, making it tougher for hackers to control an iPhone through zero-click exploits. In a zero-click attack, hackers can take over an iPhone without the user having to interact with anything, such as a malicious phishing link.

The change in the upcoming iOS version is focussed on ISA pointers, a related feature of the iOS code that tells a programme which code to use while it’s running. Apple has been using a technology called pointer authentication codes (PAC) since 2018 to safeguard users from attacks that insert malicious code, by precluding hackers from using corrupted memory. The technology uses cryptography to validate these pointers and authenticate them before use.

Zero-click exploits are very sophisticated, which makes it much harder for targeted users to detect them. Several security experts working on iOS vulnerabilities are of the opinion that the latest change in iOS could substantially reduce the frequency of attacks.

https://twitter.com/josephfcox/status/1363864877635301377

Username: Joseph Cox

Twitter handle: @josephfcox

Retweets: 102

Likes: 286

3. Dustin Volz’s tweet on Chinese hackers attacking Microsoft Exchange email

Dustin Volz, a cyber and intelligence reporter at The Wall Street Journal, shared an article about a cyberattack allegedly carried out by Chinese hackers on Microsoft Exchange email software. The attack impacted tens of thousands of the company’s clients in the US, including businesses, schools and government offices, apart from more than 250,000 global customers.

The Chinese hacking group was identified as Hafnium, a cyberespionage group. The attackers took advantage of a sequence of four flaws, known as zero days, in Microsoft’s Exchange software to penetrate email accounts and install unauthorised software. Microsoft provided users with a software patch for fixing the bugs.

The US Cybersecurity and Infrastructure Security Agency (CISA) directed federal government agencies to either patch or disconnect products running on Microsoft Exchange, following the hack. The agency also advised its critical infrastructure partners in the private sector and state and local governments to patch their systems.

Username: Dustin Volz

Twitter handle: @dnvolz

Retweets: 146

Likes: 183

4. Zack Whittaker’s tweet on MobiKwik’s data breach

Zack Whittaker, security editor at TechCrunch, a tech news website, shared an article about a data breach at Indian mobile payments start-up MobiKwik that compromised the personal information of 100 million users. A site on the dark web claimed that it had access to 8.2TB of MobiKwik’s user data, including scrambled passwords, phone numbers, email IDs and partial payment card numbers.

A seller on a cybercrime platform is claiming to sell access to the database for 1.2 bitcoin, which is approximately $70,000. Meanwhile, MobiKwik is seeking the help of Amazon for logs related to its cloud service, after realising that its cloud storage data was downloaded by an outsider. The payments start-up is working with authorities and is positive that the security protocols that enable storing sensitive information have not been breached.

Username: Zack Whittaker

Twitter handle: @zackwhittaker

Retweets: 79

Likes: 139

5. Troy Hunt’s tweet on data breach at Kroger

Troy Hunt, a web security consultant, shared an article about American retailer Kroger suffering a data breach, following an attack by hackers on a service that enables secure transfer of files. The hack makes Kroger the latest victim of the security vulnerability detected in the Accellion FTA software, which has become a target of attackers in recent months.

The hack exposed Kroger’s employee and pharmacy data, although grocery store data and payment information were not breached. The retailer is contacting those affected by the data breach through postal mail, offering them one year of free credit monitoring. Kroger immediately stopped using Accellion’s service after the data breach.

Username: Troy Hunt

Twitter handle: @troyhunt

Retweets: 56

Likes: 96