Verdict lists five of the most popular tweets on cybersecurity in Q1 2021 based on data from GlobalData’s Influencer Platform. The top tweets were chosen from influencers as tracked by GlobalData’s Influencer Platform, which is based on a scientific process that works on pre-defined parameters. Influencers are selected after a deep analysis of the influencer’s relevance, network strength, engagement, and leading discussions on new and emerging trends.

Top tweets on cybersecurity in Q1 2021

1. Eric Geller’s tweet on Facebook taking actions against Chinese hackers

Eric Geller, cybersecurity reporter at POLITICO, a political journalism website, shared an article about Facebook threat intelligence analysts and security experts taking actions against a hackers’ group in China known as Earth Empusa or Evil Eye. The group specifically attacked activists, journalists and dissidents mainly among Uyghurs from Xinjiang in China, who lived in countries like the US, Australia, Canada and others.

Earth Empusa used cyber espionage tactics to find its targets and inject malware into their devices to spy on them by sharing links to malicious websites through Facebook. Facebook’s cyber experts prevent threats like cyber espionage campaigns regularly by notifying users on account protection and constantly updating the security of its products.

Facebook recognised the tactics, techniques and procedures (TTPs) used by Earth Empusa across the internet including selective targeting and exploit protection, impersonation of news websites, using phony third-party app stores and outsourcing of malware development. Facebook also informed its industry peers about the Chinese group’s tactics and its users who were believed to be affected by the attack.

Breaking: Facebook announces that it deleted accounts used by a Chinese govt hacking group to infect expat Uyghur activists and journalists with mobile malware. It also blocked the group's phishing sites and notified targets. https://t.co/KuPRWVOr4C pic.twitter.com/3SenceL5Gp

— Eric Geller (@ericgeller) March 24, 2021

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

View profiles in store

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData

Submit

UK USA Afghanistan Åland Islands Albania Algeria American Samoa Andorra Angola Anguilla Antarctica Antigua and Barbuda Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia Bonaire, Sint Eustatius and Saba Bosnia and Herzegovina Botswana Bouvet Island Brazil British Indian Ocean Territory Brunei Darussalam Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Cayman Islands Central African Republic Chad Chile China Christmas Island Cocos Islands Colombia Comoros Congo Democratic Republic of the Congo Cook Islands Costa Rica Côte d"Ivoire Croatia Cuba Curaçao Cyprus Czech Republic Denmark Djibouti Dominica Dominican Republic Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Ethiopia Falkland Islands Faroe Islands Fiji Finland France French Guiana French Polynesia French Southern Territories Gabon Gambia Georgia Germany Ghana Gibraltar Greece Greenland Grenada Guadeloupe Guam Guatemala Guernsey Guinea Guinea-Bissau Guyana Haiti Heard Island and McDonald Islands Holy See Honduras Hong Kong Hungary Iceland India Indonesia Iran Iraq Ireland Isle of Man Israel Italy Jamaica Japan Jersey Jordan Kazakhstan Kenya Kiribati North Korea South Korea Kuwait Kyrgyzstan Lao Latvia Lebanon Lesotho Liberia Libyan Arab Jamahiriya Liechtenstein Lithuania Luxembourg Macao Macedonia, The Former Yugoslav Republic of Madagascar Malawi Malaysia Maldives Mali Malta Marshall Islands Martinique Mauritania Mauritius Mayotte Mexico Micronesia Moldova Monaco Mongolia Montenegro Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island Northern Mariana Islands Norway Oman Pakistan Palau Palestinian Territory Panama Papua New Guinea Paraguay Peru Philippines Pitcairn Poland Portugal Puerto Rico Qatar Réunion Romania Russian Federation Rwanda Saint Helena, Ascension and Tristan da Cunha Saint Kitts and Nevis Saint Lucia Saint Pierre and Miquelon Saint Vincent and The Grenadines Samoa San Marino Sao Tome and Principe Saudi Arabia Senegal Serbia Seychelles Sierra Leone Singapore Slovakia Slovenia Solomon Islands Somalia South Africa South Georgia and The South Sandwich Islands Spain Sri Lanka Sudan Suriname Svalbard and Jan Mayen Swaziland Sweden Switzerland Syrian Arab Republic Taiwan Tajikistan Tanzania Thailand Timor-Leste Togo Tokelau Tonga Trinidad and Tobago Tunisia Turkey Turkmenistan Turks and Caicos Islands Tuvalu Uganda Ukraine United Arab Emirates US Minor Outlying Islands Uruguay Uzbekistan Vanuatu Venezuela Vietnam British Virgin Islands US Virgin Islands Wallis and Futuna Western Sahara Yemen Zambia Zimbabwe Kosovo

Industry * Academia & Education Aerospace, Defense & Security Agriculture Asset Management Automotive Banking & Payments Chemicals Construction Consumer Foodservice Government, trade bodies and NGOs Health & Fitness Hospitals & Healthcare HR, Staffing & Recruitment Insurance Investment Banking Legal Services Management Consulting Marketing & Advertising Media & Publishing Medical Devices Mining Oil & Gas Packaging Pharmaceuticals Power & Utilities Private Equity Real Estate Retail Sport Technology Telecom Transportation & Logistics Travel, Tourism & Hospitality Venture Capital

Tick here to opt out of curated industry news, reports, and event updates from Verdict.

Submit and download

Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Username: Eric Geller

Twitter handle: @ericgeller

Retweets: 217

Likes: 368

2. Joseph Cox’s tweet on Apple’s latest iOS version neutralising zero-click attacks

Joseph Cox, senior staff writer at Motherboard, a technology website, shared an article about the modifications made by Apple to its next iOS version 14.5, making it tougher for hackers to control an iPhone through zero-click exploits. The hackers use zero-click attacks, where they can take over an iPhone without the user having to interact with anything, like a malicious phishing link.

The change in the upcoming iOS version is focussed on ISA pointers that are a related feature of the iOS code capable of directing a programme on which code to use while its running. Apple has been using a technology called pointer authentication codes (PAC) since 2018 to safeguard users from attacks that insert malicious codes, by precluding hackers from using corrupted memory. The technology uses cryptography to validate these pointers and authenticate them before use.

The zero-click exploits are very sophisticated, which makes it much harder for target users to detect them. Several security experts working on the vulnerabilities in iOS opine that the latest change in the iOS could substantially reduce the frequency of attacks.

New: Apple is introducing a change in iOS that is going to make it harder for 0click attacks, where the user doesn't have to do anything to be hacked. Source who makes exploits for government customers and Apple itself said this https://t.co/DAN9L1dMQW pic.twitter.com/1CZR7tFnXc

— Joseph Cox (@josephfcox) February 22, 2021

Username: Joseph Cox

Twitter handle: @josephfcox

Retweets: 102

Likes: 286

3. Dustin Volz’s tweet on Chinese hackers attacking Microsoft Exchange email

Dustin Volz, a cyber and intelligence reporter at The Wall Street Journal, shared an article about a cyberattack allegedly carried about by Chinese hackers on Microsoft Exchange email software. The attack impacted tens of thousands of the company’s clients in the US including businesses, schools and government offices apart from more than 250,000 global customers.

The Chinese hackers’ group was identified as Hafnium, a cyberespionage group. The attackers took advantage of a sequence of four flaws, known as zero days, in Microsoft’s Exchange software to penetrate email accounts and install unauthorised software. Microsoft provided users with a software patch for fixing the bugs.

The US Cybersecurity and Infrastructure Security Agency (CISA) directed the federal government agencies to either patch or disconnect products running on Microsoft Exchange, following the hack. The agency also advised its critical infrastructure partners in the private sector and state and local governments to patch their systems.

The potential scale of this hack is hard to overstate, with estimates of global victims into the hundreds of thousands. CISA held a call Friday with more than 4,000 critical infrastructure partners and state/local governments urging immediate patching. https://t.co/AFlO0763Go

— Dustin Volz (@dnvolz) March 6, 2021

Username: Dustin Volz

Twitter handle: @dnvolz

Retweets: 146

Likes: 183

4. Zack Whittaker’s tweet on MobiKwik’s data breach

Zack Whittaker, security editor at TechCrunch, a tech news website, shared an article about data breach of Indian mobile payments start-up MobiKwik that compromised the personal information of 100 million users. A site on the dark web claimed that it had access to MobiKwik’s user data worth 8.2TB, including scrambled passwords, phone numbers, email IDs and partial payment card numbers.

A seller on a cybercrime platform is claiming to sell access to the database for 1.2 bitcoin, which is approximately $70,000. Meanwhile, MobiKwik is seeking the help of Amazon for logs related to its cloud service, after realising that its cloud storage data was downloaded by an outsider. The payments start-up is working with authorities and is positive that the security protocols, which enable storing sensitive information have not been breached.

This MobiKwik data breach gets even worse. @refsrc reports that MobiKwik may have known a *month ago* that user data had been taken from its cloud storage. More: https://t.co/OZJxZSqmGv https://t.co/o5ruSOBVgG

— Zack Whittaker (@zackwhittaker) March 30, 2021

Username: Zack Whittaker

Twitter handle: @zackwhittaker

Retweets: 79

Likes: 139

5. Troy Hunt’s tweet on data breach at Kroger

Troy Hunt, a web security consultant, shared an article about American retailer Kroger suffering a data breach, following an attack by hackers on a service that enables secure transfer of files. The hack makes Kroger the latest victim of the security vulnerability detected in the Accellion FTA software, which has become the target of attackers during the recent months.

The hack exposed Kroger’s employee and pharmacy data although grocery store data and payment information was not breached. The retailer is contacting those affected by the data breach through postal mail, offering them one year of free credit monitoring. Kroger has immediately stopped using Accellion’s service after the data breach.

Kroger data breach exposes pharmacy and employee data https://t.co/xMkcISzBDe

— Troy Hunt (@troyhunt) February 20, 2021

Username: Troy Hunt

Twitter handle: @troyhunt

Retweets: 56

Likes: 96