Cybersecurity Private Equity

Cyber TRUST™ Index

129

-0

52 Week

223

120

Index at 100 on January 1, 2020

The Case of Twitter [Weekly Cybersecurity Brief]

Halloween may be over now, but spooky season is lingering for Twitter. Along with the controversy that Elon Musk’s takeover has stirred, concerns are emerging over the cybersecurity risk the social media company now faces because of it. 

Following the news that Twitter may be planning to charge users monthly fees for verification badges on the platform, TechCrunch reports that hackers may be waiting in the wings. With these potential changes, phishing email campaigns have started popping up taking advantage of users attempting to navigate the information coming their way. For instance, an email seen by TechCrunch was presented as a help form. It was an attempt to compromise login information. Since flagging this message, which was sent from a Gmail account, TechCrunch has alerted Google. Google has since taken down the site the email led to.

In addition to proposed shifts such as verification fees, it has also been speculated that Musk is proposing staff cuts. According to France24, some of these positions could include members of the engineering, legal and policy teams. This is giving rise to worries that the company will be left without the proper expertise to manage cybersecurity challenges and varying international regulations. 

It is not just Twitter facing cybersecurity issues, though. In another TechCrunch report, it was revealed that the Federal Trade Commission has filed a legal complaint against tech leader and textbook rental platform, Chegg, for what the agency described as “careless” cybersecurity practices. The FTA is citing four breaches that occurred between 2017 and 2020 and led to the exposure of information associated with millions of customers and employees. On top of that, the company is being accused of not having a written security policy in place. In an agreement set up between Chegg and the FTA, the company will enact a training program for its team members and allow customers access to the data that has been collected on them.

Key Takeaways:

“Twitter’s verification chaos is now a cybersecurity problem” – Zack Whittaker, TechCrunch

https://techcrunch.com/2022/10/31/twitter-verification-phishing/?guccounter=1&guce_referrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce_referrer_sig=AQAAAL3V-Hi-PkJAvHZRSIax8RSyP21Ka1hOooqq6RxeCsXwnpxEZwDETZ6yuaA_5dxdWkpvX59RyqPQjsLsAqhwzg3ahOlXsAatz_SiVTJjc50yNyqCBGu1vzHd14d7J789rZMLbwG7ZL_MycEVUuZ4eVE2kRmErBtoPDQMT01zYdOy 

  • As TechCrunch reports, hackers are looking to take advantage of the proposed changes coming to Twitter after Elon Musk’s takeover of the company.
  • The media outlet saw a phishing email posing as a help form from Twitter in order to gain access to login information.
  • The email came from a Gmail account, so TechCrunch notified Google.

“Hackers, abusers and regulators may vex Musk at Twitter” – France 24

https://www.france24.com/en/live-news/20221029-hackers-abusers-and-regulators-may-vex-musk-at-twitter

  • The speculation that Elon Musk is considering staff cuts at Twitter is also giving rise to cybersecurity concerns.
  • According to France24, some of these positions could include members of the engineering, legal and policy teams.
  • The worry is that without such staff, the company will lack cybersecurity expertise, including international regulation knowledge.

“FTC schools edtech giant Chegg over ‘careless’ cybersecurity practices” – Carly Page, TechCrunch

https://techcrunch.com/2022/11/01/ftc-chegg-breaches-cybersecurity/ 

  • The Federal Trade Commission has filed a legal complaint against tech leader and textbook rental platform, Chegg, for what the agency described as “careless” cybersecurity practices.
  • The FTA is citing four breaches that occurred between 2017 and 2020 and led to the exposure of information associated with millions of customers and employees.
  • In an agreement set up between Chegg and the FTA, the company will reportedly enact a training program for its team members and allow customers access to the data that has been collected on them.
Share

You Might Also Like...

IT Support by SADOSSecure, Fast Hosting for WordPress