RSS Alerts

Related Stories

  • Search for security
    With more than 30 000 web pages being infected every day, search engine results could increasingly lead to malware infection. Kari Larsen asks what the search engines are doing to mitigate security threats, and how users can protect themselves.
  • Sophos reveals how Twitter, Yahoo and Google Adsense can be used to infect users with malware
    Sophos claims to have uncovered an interesting new hybrid style of security attack on Twitter users that taps into security issues with Yahoo and Google's Adsense advertising service.
  • What’s in store for 2010?
    The Noughties are behind us now, but memories of a decade of data breaches will continue to haunt the infosec professional. If only there was a way of knowing what the threat landscape would look like in the months to come. Well you’re in luck as Davey Winder has dusted off the crystal ball and spoken to a broad church of infosec professionals to get some informed predictions for 2010
  • Nine lives - when malware becomes self-modifying
    As the Conficker (aka Downadup and Kido) worm proved when it first appeared in October 2008, there's more to a piece of malware code than meets the eye, especially when it is self-updating. But can self-updating also mean self-modifying? Steve Gold investigates whether an IT security manager's nightmare has become programming reality...
  • Batten down the hatches
    Due to the horrifying quantity of vulnerabilities, and often limited time and budget, application and database security can be quite a headache. Limiting privileges and access, however, is a good place to start, finds Danny Bradbury

News

Automated Twitter postings pose a severe security risk

25 June 2009

Twitter has again hit the IT security headlines, this time over the increasing widespread practice of automated retweets - automated repostings - by users of the social networking site/service.

The problem, apparently highlighted by a retweet from former Apple Mac evangelist Guy Kawasaki - now a venture capitalist - in one of his automated postings, is that, if the original tweet includes malicious information, the data is automatically rebroadcast.

And if the recipient of the retweet trusts the sender of the message, the chances of them clicking on an allied URL is quite high.

Finjan, the business Internet security vendor, has come up with a solution to the issue with an enhancement to its SecureBrowsing plug-in for Internet Explorer and Mozilla Firefox.

The SecureTwitter enhanced plug-in reportedly checks each URL as it is called to the browser for its overall safety levels and acts as a free safety net for Twitter users.

The problem of automated retweets is being made worse, Infosecurity notes, by applications such as Seesmic and Tweetdeck, both of which have an automated keyword search function that operates in a similar manner to an RSS feed.

When enabled, these features automatically scan for tweets with a given keyword, again potentially exposing users to unvetted postings.

Finjan's SecureBrowsing - along with other URL checking utilities from the likes of McAfee and Symantec's paid-for IT security offerings - give users a degree of security from rogue messages with embedded URLs.

The problem, however, of having insecure Twitter buddies is a potentially major one, Infosecurity notes.

 

 

This article is featured in:
Application Security Internet and Network Security Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water