Be cautious of fake charities looking to take advantage of your generosity.
Whether you’re participating in #GivingTuesday or simply in a giving mood this holiday season🎁, take a look at our tips to protect yourself from these types of scams: https://t.co/lVILvoddPu
Not every #BoxingDay deal is as sweet as it sounds. Stay on your toes and sniff out those sketchy offers. Think you can outsmart a phishing scam? Challenge accepted! Take a quiz at https://t.co/wWdLhVnUgf today! https://t.co/wWdLhVnUgf
#holidayscams
🚩🚩Scam Alert 📢📢
@torontopolice has seen a rise in reported job scams initiating through WhatsApp. Legitimate companies will not require you to invest in cryptocurrency. Please do your research when being randomly messaged on WhatsApp and other messaging applications. #jobscam
@RevMacTO@Vistaprint Hey @RevMacTO, I'd like to discuss the targeted SMS phishing you received that contained your personal information shortly after your @Vistaprint order. Please send me a DM.
@nomadicmatt I have a quick suggested correction for a typo in one of your articles. Looks like your DMs are closed, but if you DM me I'll send you the details. Thanks.
@briankrebs@mslavco@haveibeenpwned For sure, but there's still utility in it and some interesting commercial solutions using consortium data to identify cred stuffing before the pwds are known to be compromised. I agree that solid multi-factor authentication is the way. But not all consumers adopt when offered.
Repeat after me, folks: Successful credential stuffing attacks does not equal breach. This happens to 100% of companies that do business online today. Let's move the conversation to whether the org offers 2FA and what kinds. But everything else is a distraction.
Researchers use AI to develop 'DeepMasterPrints' to fool smartphone fingerprint biometrics with a relatively high success rate.
#biometrics#threatlandscape https://t.co/lxCX2YeBA0
Facebook breach affecting up to 90M users. The breach resulted from a vulnerability with the company's implementation of access tokens. Affected user's passwords weren't compromised but all other data within their Facebook account may have been.
https://t.co/9eekKxXYxO
Experts urge rapid patching of Apache Struts flaw, for which there is already exploit code available. https://t.co/nWHUm5GcIt Ask Equifax how it worked out for them not patching a similar bug quickly. Took roughly 3 days for bad guys to break in after exploit went live in 2017.
Evidence that we can't judge the competence of a young security researcher (or anyone else) based their age alone. Great work @spudowiar.
See @briankrebs write-up at: https://t.co/gSgOCDYxV4 https://t.co/D37kc242VX
Hey @TwitterBusiness, I got your email today to complete a survey, but it looks like you have an expired certificate (Feb 9th) on the site hosting the survey. Please let me know once it's replaced and I'll complete it.
@TangerineHelps Hey @TangerineHelps, your infrastructure team works fast. Can see they replaced that Symantec certificate the following day (Feb8) with a new cert from another issuer to resolve the issue. Thanks for passing it along!
Heads up @TangerineHelps -
Users are unable to access https://t.co/yYl5KH9v1j using @googlechrome Dev v66.0.3335.4 today.
@TangerineBank please replace your untrusted @symantec certificate (issued prior to June 1, 2016).
https://t.co/wa3ZxeKGDt