SSL Renegotiation Bug Successfully Used To Attack Twitter

When this SSL Renegotiation bug hit the news, most people said it was a theoretical attack and was of no practical use in the real world.
But then people tend to say that about most things, don’t they, until they get pwned up the face.
It turns out the rather obscure SSL flaw can be used to [...]

Twitter DM Phishing Scam

As Twitter gains momentum there are more and more attacks on it and its users; the most recent is a phishing scam via DM (Direct Message).
It was uncovered recently that it was being used as a Botnet Control Channel; shortly before that it was subjected to a DoS attack.
This isn’t the first time DMs have [...]

Twitter Being Used As Botnet Command Channel

Ah Twitter in the news again, the bad guys sure do keep up with new trends. After being taken offline for a while by a Joejob DDoS attack Twitter is in the news again – this time it’s being used as the command channel for a Botnet.
The normal method for controlling Botnets is via an [...]

Twitter & Facebook Taken Offline By DDoS Attacks

Both Facebook and Twitter were hit with pretty severe DDoS attacks rendering them useless and unavailable to the majority of users.
The thing is, it seems like it wasn’t a traditional network-based botnet-style DDoS attack, but a ‘joejob’ attack where spam is sent out containing a link and the users clicking on the link [...]

Twitter Hack Spreads Porn Trojan

I had a spam tweet appear in my stream a while back and like Guy Kawasaki I also had absolutely no idea where it came from.
Perhaps some kinda XSS flaw in Twitter when I visited a site that spawned the message (in a hidden iframe perhaps).
It wouldn’t be the first time Twitter was having security [...]

Twitter Click-Jacking Vulnerability

Click-jacking has hit the news a few times recently with most browsers being susceptible to this kind of redirection attack.
This time it’s Twitter that’s being hit, as with anything gaining popularity it’s going to become the focus of more attacks and attempts to compromise its security.
It seems like click-jacking may well be here to stay [...]

Using Twitter for Data Mining and Information Gathering

We’ve mentioned Twitter a few times lately as it has become a larger and larger part of the social web and the premier ‘micro-blogging’ platform.
There was a recent Phishing issue on Twitter and before that Twitter Jacking and a CSRF bug that allowed auto-following.
Due to the large uptake of Twitter, the amount of data available [...]

Phishing Attack Hits Twitter Users – Utilising Direct Messages

I personally received the following direct message on Twitter from someone I know quite well:
hey! check out this funny blog about you…
http://jannawalitax.blogspot.com/
It’s a link to a fake blogspot URL that redirects to a phishing URL for Twitter; it looks the same as the real login page but the actual URL is:
http://twitterblogs.access-logins.com/login (WARNING THIS IS A [...]

Twitter Squatting – The New Domain Jacking?

It seems the latest target for spammers, opportunists and those into Domain Squatting is the registration of interesting or possibly valuable Twitter usernames.
Twitter has exploded recently as a new ‘micro-blogging’ platform and it works really well, especially when combined with more traditional blogging and the host of tools that have been built around Twitter to [...]

CSRF Vulnerability in Twitter Allows Forced Following

I did mention this earlier in the week when I was talking about Twitter being used as a malware distribution platform; there also seems to be an auto-follow vulnerability that spammers would love.
Do you remember Myspace and samy with 900,000 friends? Now we have johng77536 on Twitter!

Last week, TechCrunch’s Jason Kincaid wrote about an [...]

