Fake Social Accounts Multiply; Can Users ID Them?

Infosecurity Magazine | April 25, 2019

Fake Social Accounts Multiply; Can Users ID Them?
Despite Facebook and Twitter repeatedly removing illegitimate accounts from their social media platforms, the number of impersonating accounts increased 56% from 2017 to 2018 and is projected to continue to grow by 30% in 2019, according to research from ZeroFOX. Because of this rapid proliferation of fake accounts, it is becoming increasingly more difficult for users to distinguish between accounts that are real or fake, the research found. In an April 23 blog post, ZeroFOX’s Diana Parks wrote, “There is no denying that fake profiles run rampant on social media and digital platforms. Between October 2017 and September 2018, Facebook alone removed almost 2.8 billion illegitimate accounts worldwide. By some estimates, this accounts for between 25–35% of all Facebook accounts.” While fake accounts online are inevitable, they are also highly problematic and pose security risks to individuals and organizations. Bad actors use fraudulent accounts to target individuals using social engineering. Others use fake accounts for scams or to distribute malicious content, phishing and malware, or even inappropriate content.

Spotlight

Butterfly* is a group of highly capable, professional attackers who perform corporate espionage with a laser-like focus on operational security. The team is a major threat to organizations that have large volumes of proprietary intellectual property, all of which is at risk of being stolen by this group for monetary gain. The Butterfly attackers, who Symantec believes are a small number of technically capable individuals, compromised several major technology companies including Twitter, Facebook, Apple and Microsoft in early 2013.

Related News

G-Cloud 12 Redscan services to help protect the public sector against cyber-attacks

prnewswire | September 28, 2020

Redscan, the Managed Detection and Response and Penetration Testing specialist, today announced the availability of its services on G-Cloud 12 – the latest iteration of the UK Government's cloud procurement platform. The Redscan services listed are ThreatDetect– Managed Detection and Response as well as CREST-accredited Penetration Testing and IT Health Checks. These services are designed to enable organisations to reliably secure their infrastructure and assets as well as rapidly detect and respond to threats.

Read More

DATA SECURITY

Spectral has joined the Open Source Security Foundation to help Strengthen Open-Source Software Security

Spectral | April 27, 2021

Spectral, the developer first software safety organization, declared they have become supporters of the Open Source Security Foundation (OpenSSF). Spectral is currently an individual from OpenSSF's developing worldwide local area expecting to improve the security of open-source programming. OpenSSF is cross-industry cooperation zeroed in on measurements, tooling, weakness divulgences, security tooling, best practices, and then some, to get the open-source environment and improve the security of open-source programming (OSS). OpenSSF unites pioneers from around the world to give a discussion to genuinely collective, cross-industry endeavors. Spectral is a developer first software safety solution that finds and ensures against exorbitant security botches in code, setup, and other engineer resources. Otherworldly utilizes the main mixture examining motor, that consolidates AI and many indicators to discover and ensure against hurtful security blunders in code, solutions, and different ancient rarities. In accordance with OpenSSF's main goal, Spectral as of late delivered Teller, an open-source instrument that assists developers with recovering and utilize touchy access subtleties. At the point when engineers need to get to mysteries, they frequently need to depend on utilizing homebrewed custom content or duplicating privileged insights from a vault to their neighborhood advancement climate. Teller is the principal open-source secret supervisor addressing the "last mile issue" by giving a developer cordial, normalized strategy for getting to and utilizing mysteries that protects touchy data. "Spectral's main goal is to empower developers to assemble and dispatch programming at scale without stress. We feel that the OpenSSF activity is the ideal scene to examine and improve open source security and is a characteristic stage that engages engineers. The Spectral group is glad to take part in the functioning gatherings and offer their ability in security investigation and exploration of innovation stacks at scale, engineer insight (DX) and tooling, open-source codebases examination and patterns, developer social investigation, however a definitive objective of improving open source security and engineer bliss," said Dotan Nahum, CEO and prime supporter of Spectral. About Spectral Spectral is a lightning-quick, developer first software protection solution that goes about as a control plane over source code and other engineer resources. It finds and ensures against hurtful security blunders in code, designs, and different antiquities. Spectral utilizes the principal cross breed checking the motor, consolidating AI and many locators, guaranteeing engineers can code with certainty while shielding organizations from signific

Read More

DATA SECURITY

BitSight and Marsh McLennan Collaborate to Bolster Organizations' Cybersecurity Performance

BitSight | November 24, 2021

Exclusive Networks, a global trusted cybersecurity specialist for digital infrastructure, today announced its worldwide distribution agreement with Infinipoint, a provider of a pioneering Device-Identity-as-a-Service (DIaaS) security solution that uniquely enables the critical device pillar of the zero-trust cybersecurity approach. Focusing on mid-market aligned partners – initially in Europe covering France, Germany, and the UK with a view to extending across global territories from early 2022 – Exclusive will be supporting Infinipoint growth targets both through net new opportunities and by capitalising on technology integrations (i.e., SASE, MFA, ZTNA, etc.) and alliances from within its vendor portfolio. Commenting on the announcement, Andy Travers, EVP Worldwide sales & Marketing at Exclusive Networks said, "Of the seven pillars propping up the concept of zero-trust architecture (ZTA), partners have struggled most to position a strong story around zero-trust for device access because specialist solutions simply haven't existed. That's all changed with Infinipoint and DIaaS. Enterprises know that implementing the zero-trust for devices piece right is essential – and with Infinipoint we're breaking down that barrier. It's a great solution and fits perfectly into our cyber ecosystem. DIaaS also naturally supports a multitude of consumption models which makes it readymade for scaling out globally via our X-OD on-demand platform." Launched in July this year, DIaaS has been gaining significant market traction. Exclusive will build on this demand to accelerate and scale globally through its specialist go-to-market services and ecosystem of over 18,000 channel partners. Ariel Kriger, Global VP, Sales & Business Development at Infinipoint said, "Infinipoint is pioneering the Device-Identity-as-a-Service security category and is the first and only solution to provide Single Sign-On (SSO) authorisation integrated with risk-based policies and self-service one-click remediation for non-compliant and vulnerable devices. "Exclusive Networks was the natural choice to support our market acceleration, possessing the necessary specialist cyber expertise and global scale to enthuse, educate and serve pent-up partner demand for this gap in the zero-trust market. Extending a zero-trust security posture to devices remains an essential and urgent requirement for every work-from-anywhere workforce. And to do it properly you have to do it by design, with adaptive access controls acting on device context, continuously checking device posture not just at the point of access – all the while not burdening the IT department or negatively impacting end user productivity. None of this is easy to do, but we've done it and now partners, and their customers can reap the benefit." About Exclusive Networks Exclusive Networks is a global trusted cybersecurity specialist for digital infrastructure helping to drive the transition to a totally trusted digital future for all people and organisations. Our distinctive approach to distribution gives partners more opportunity and more customer relevance. Our specialism is their strength – equipping them to capitalise on rapidly evolving technologies and transformative business models. The Exclusive Networks story is a global one with a services-first ideology at its core, harnessing innovation and disruption to deliver partner value. With offices in 40 countries and the ability to service customers in over 150 countries across five continents, Exclusive Networks has a unique 'local sale, global scale' model, combining the extreme focus and value of local independents with the scale and service delivery of a single worldwide distribution powerhouse. About Infinipoint Infinipoint is a pioneer in the Device-Identity-as-as-Service security category to extend a true zero-trust security posture to devices. Infinipoint is the only solution that provides Single Sign-On (SSO) authorization integrated with risk-based policies and one-click remediation for non-compliant and vulnerable devices. This reduces risk by protecting access to an organization's data and services while transforming devices to support a world-class security posture. Infinipoint is able to do all this in a productive way that maintains business continuity with no disruption to the workforce.

Read More

Spotlight

Butterfly* is a group of highly capable, professional attackers who perform corporate espionage with a laser-like focus on operational security. The team is a major threat to organizations that have large volumes of proprietary intellectual property, all of which is at risk of being stolen by this group for monetary gain. The Butterfly attackers, who Symantec believes are a small number of technically capable individuals, compromised several major technology companies including Twitter, Facebook, Apple and Microsoft in early 2013.