Verdict lists five of the most popular tweets on cybersecurity in Q3 2021 based on data from GlobalData’s Technology Influencer Platform.
The top tweets are based on total engagements (likes and retweets) received on tweets from more than 150 cybersecurity experts tracked by GlobalData’s Technology Influencer platform during the third quarter (Q3) of 2021.
The most popular tweets on cybersecurity in Q3 2021: Top five
1. Kevin Beaumont’s tweet on Kaseya supply chain attack
Kevin Beaumont, head of security operations centre at retail company Arcadia Group, shared an article on the Kaseya supply chain attack that impacted more than 1,000 US companies. Kaseya VSA is an endpoint management and network monitoring solution used by Managed Service Providers (MSPs) and has about 40,000 customers. The REvil ransomware was delivered to the VSA during a fake auto update, which first infected the MSPs and then the client systems.
The ransomware removed administrator access to the VSA and subsequently added a fake management agent update called the Kaseya VSA Agent Hot-fix. Kaseya started working on a software update to fix the attack at the earliest, while advising its customers to switch off their VSA, the article detailed.
Supply chain attack of Kaseya, commonly used in managed service provider environments in the United States, leading to mass ransomware event.
Details in link and thread as they develop:https://t.co/YStENYMTdW
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Company Profile – free sampleThank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalData— Kevin Beaumont (@GossiTheDog) July 2, 2021
Username: Kevin Beaumont
Twitter handle: @GossiTheDog
Likes: 1,033
Retweets: 663
2. Mikko Hypponen’s tweet on the biggest General Data Protection Regulation (GDPR) in history facing Amazon
Mikko Hypponen, chief research officer at privacy and security company F-Secure, shared an article on the e-commerce giant Amazon being issued the biggest GDPR fine of $888m in history for violating data privacy laws. The fine was issued by Luxembourg’s National Commission for Data Protection (Commission Nationale pour la Protection des Données).
The penalty was issued after the French privacy rights group La Quadrature du Net filed several lawsuits representing 12,000 customers against Big Tech companies in 2018 when the bloc’s data privacy laws were enacted. Amazon denied the allegations stating that there were no data breaches or exposure of any customer data to third parties, the article highlighted.
The fine comes amid intense scrutiny over Amazon’s business strategies in Europe. The European Union (EU) launched a formal anti-trust investigation against the company, which found that it misused third-party seller data to promote its products, the article detailed.
Biggest GDPR fine in history: Amazon ordered to pay $888 million. This penalty is the result of a 2018 lawsuit on behalf of 12,000 people, launched shortly after the GDPR was established. https://t.co/i1Z4eqrt9F
— @mikko (@mikko) July 30, 2021
Username: Mikko Hypponen
Twitter handle: @mikko
Likes: 221
Retweets: 88
3. Dustin Volz’s tweet on Biden directing agencies to develop cybersecurity standards
Dustin Volz, an intelligence and cybersecurity reporter at The Wall Street Journal, shared an article on the US President Joe Biden signing a national security memorandum that directs federal agencies to create voluntary cybersecurity targets for companies that handle its critical infrastructure. US officials state that it could be the beginning for implementing mandatory requirements, although is currently termed as voluntary.
The new directive by the Biden administration is the latest effort to protect the country from disruptive cyberattacks, following the recent rise in ransomware attacks that impacted businesses and consumers, including the Colonial Pipeline attack, the article detailed.
New: Biden today is signing a national security memorandum directing agencies to develop voluntary standards for cybersecurity protection for critical infrastructure, in what officials said could be a prelude to pursuing mandatory requirements w/ Congress. https://t.co/uPLqzqB6vW
— Dustin Volz (@dnvolz) July 28, 2021
Username: Dustin Volz
Twitter handle: @dnvolz
Likes: 98
Retweets: 54
4. Kim Zetter’s tweet on the video leak at Iran’s Evin prison
Kim Zetter, a cybersecurity journalist, shared an article on a hacking group called Adalat Ali (Justice of ALI) leaking surveillance camera videos of Iran’s Evin prison, which houses Iranian and Western political prisoners. The hackers also stole hundreds of documents, images, and videos of events that took place within the prison, the article noted.
The leak followed a cyberattack on Iran’s railway system, which led to delays and cancellation of several trains. The article noted that it is unclear how the hackers gained access to the surveillance systems, but highlighted that it could be due to the out-of-date software used by the systems. The sanctions imposed by the US and Europe on the Evin prison due to human rights violations have made it difficult to keep the systems up to date, the article added.
Hackers calling themselves Adalat Ali have leaked videos purportedly taken from CCTV cameras at Evin prison where Iranian/Western political prisoners are held. The breach comes wks after computer systems belonging to Iran's railway system were also hacked. https://t.co/hp2Qk60Aow
— Kim Zetter (@KimZetter) August 24, 2021
Username: Kim Zetter
Twitter handle: @KimZetter
Likes: 61
Retweets: 52
5. Runa Sandvik’s tweet on the technical analysis of Pegasus Spyware
Runa Sandvik, a computer security expert, shared a technical report that analysed a version of the Pegasus spyware developed by Israeli technology company NSO Group for iOS. Prepared by software developer Citizen Lab and cybersecurity company Lookout, the report analysed a sophisticated attack using the spyware against several mobile users across the world. Researchers linked the live iOS sample of the malware with NSO’s Pegasus spyware to establish whether the group sold weaponised software that targets mobile phones used by governments.
The report highlighted that the Pegasus spyware was in use for many years and was sold for use on high-value targets to carry out sophisticated espionage on Android, BlackBerry, and iOS phones. The spyware uses strong encryption to evade traditional security measures and is built on a robust monitoring and self-destructing mechanism, the article noted.
In August 2016, @citizenlab and @Lookout collaborated on analyzing a version of NSO's Pegasus spyware for iOS. The technical report is worth a look, especially for those interested in cyber paleontology. #ProjectPegasus https://t.co/gezJCoeRKX
— Runa Sandvik (@runasand) August 5, 2021
Username: Runa Sandvik
Twitter handle: @runasand
Likes: 52
Retweets: 30
Related Company Profiles
WithSecure Oyj
BlackBerry Ltd
Kaseya Ltd
Amazon.com Inc
Lookout Inc