Verdict lists five of the most popular tweets on cybersecurity in Q3 2021 based on data from GlobalData’s Technology Influencer Platform.

The top tweets are based on total engagements (likes and retweets) received on tweets from more than 150 cybersecurity experts tracked by GlobalData’s Technology Influencer platform during the third quarter (Q3) of 2021.

The most popular tweets on cybersecurity in Q3 2021: Top five

1. Kevin Beaumont’s tweet on Kaseya supply chain attack

Kevin Beaumont, head of security operations centre at retail company Arcadia Group, shared an article on the Kaseya supply chain attack that impacted more than 1,000 US companies. Kaseya VSA is an endpoint management and network monitoring solution used by Managed Service Providers (MSPs) and has about 40,000 customers. The REvil ransomware was delivered to the VSA during a fake auto update, which first infected the MSPs and then the client systems.

The ransomware removed administrator access to the VSA and subsequently added a fake management agent update called the Kaseya VSA Agent Hot-fix. Kaseya started working on a software update to fix the attack at the earliest, while advising its customers to switch off their VSA, the article detailed.

Supply chain attack of Kaseya, commonly used in managed service provider environments in the United States, leading to mass ransomware event.

Details in link and thread as they develop:https://t.co/YStENYMTdW

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

View profiles in store

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData

Submit

UK USA Afghanistan Åland Islands Albania Algeria American Samoa Andorra Angola Anguilla Antarctica Antigua and Barbuda Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia Bonaire, Sint Eustatius and Saba Bosnia and Herzegovina Botswana Bouvet Island Brazil British Indian Ocean Territory Brunei Darussalam Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Cayman Islands Central African Republic Chad Chile China Christmas Island Cocos Islands Colombia Comoros Congo Democratic Republic of the Congo Cook Islands Costa Rica Côte d"Ivoire Croatia Cuba Curaçao Cyprus Czech Republic Denmark Djibouti Dominica Dominican Republic Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Ethiopia Falkland Islands Faroe Islands Fiji Finland France French Guiana French Polynesia French Southern Territories Gabon Gambia Georgia Germany Ghana Gibraltar Greece Greenland Grenada Guadeloupe Guam Guatemala Guernsey Guinea Guinea-Bissau Guyana Haiti Heard Island and McDonald Islands Holy See Honduras Hong Kong Hungary Iceland India Indonesia Iran Iraq Ireland Isle of Man Israel Italy Jamaica Japan Jersey Jordan Kazakhstan Kenya Kiribati North Korea South Korea Kuwait Kyrgyzstan Lao Latvia Lebanon Lesotho Liberia Libyan Arab Jamahiriya Liechtenstein Lithuania Luxembourg Macao Macedonia, The Former Yugoslav Republic of Madagascar Malawi Malaysia Maldives Mali Malta Marshall Islands Martinique Mauritania Mauritius Mayotte Mexico Micronesia Moldova Monaco Mongolia Montenegro Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island Northern Mariana Islands Norway Oman Pakistan Palau Palestinian Territory Panama Papua New Guinea Paraguay Peru Philippines Pitcairn Poland Portugal Puerto Rico Qatar Réunion Romania Russian Federation Rwanda Saint Helena, Ascension and Tristan da Cunha Saint Kitts and Nevis Saint Lucia Saint Pierre and Miquelon Saint Vincent and The Grenadines Samoa San Marino Sao Tome and Principe Saudi Arabia Senegal Serbia Seychelles Sierra Leone Singapore Slovakia Slovenia Solomon Islands Somalia South Africa South Georgia and The South Sandwich Islands Spain Sri Lanka Sudan Suriname Svalbard and Jan Mayen Swaziland Sweden Switzerland Syrian Arab Republic Taiwan Tajikistan Tanzania Thailand Timor-Leste Togo Tokelau Tonga Trinidad and Tobago Tunisia Turkey Turkmenistan Turks and Caicos Islands Tuvalu Uganda Ukraine United Arab Emirates US Minor Outlying Islands Uruguay Uzbekistan Vanuatu Venezuela Vietnam British Virgin Islands US Virgin Islands Wallis and Futuna Western Sahara Yemen Zambia Zimbabwe Kosovo

Industry * Academia & Education Aerospace, Defense & Security Agriculture Asset Management Automotive Banking & Payments Chemicals Construction Consumer Foodservice Government, trade bodies and NGOs Health & Fitness Hospitals & Healthcare HR, Staffing & Recruitment Insurance Investment Banking Legal Services Management Consulting Marketing & Advertising Media & Publishing Medical Devices Mining Oil & Gas Packaging Pharmaceuticals Power & Utilities Private Equity Real Estate Retail Sport Technology Telecom Transportation & Logistics Travel, Tourism & Hospitality Venture Capital

Tick here to opt out of curated industry news, reports, and event updates from Verdict.

Submit and download

Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

— Kevin Beaumont (@GossiTheDog) July 2, 2021

Username: Kevin Beaumont

Twitter handle: @GossiTheDog

Likes: 1,033

Retweets: 663

2. Mikko Hypponen’s tweet on the biggest General Data Protection Regulation (GDPR) in history facing Amazon

Mikko Hypponen, chief research officer at privacy and security company F-Secure, shared an article on the e-commerce giant Amazon being issued the biggest GDPR fine of $888m in history for violating data privacy laws. The fine was issued by Luxembourg’s National Commission for Data Protection (Commission Nationale pour la Protection des Données).

The penalty was issued after the French privacy rights group La Quadrature du Net filed several lawsuits representing 12,000 customers against Big Tech companies in 2018 when the bloc’s data privacy laws were enacted. Amazon denied the allegations stating that there were no data breaches or exposure of any customer data to third parties, the article highlighted.

The fine comes amid intense scrutiny over Amazon’s business strategies in Europe. The European Union (EU) launched a formal anti-trust investigation against the company, which found that it misused third-party seller data to promote its products, the article detailed.

Biggest GDPR fine in history: Amazon ordered to pay $888 million. This penalty is the result of a 2018 lawsuit on behalf of 12,000 people, launched shortly after the GDPR was established. https://t.co/i1Z4eqrt9F

— @mikko (@mikko) July 30, 2021

Username: Mikko Hypponen

Twitter handle: @mikko

Likes: 221

Retweets: 88

3. Dustin Volz’s tweet on Biden directing agencies to develop cybersecurity standards

Dustin Volz, an intelligence and cybersecurity reporter at The Wall Street Journal, shared an article on the US President Joe Biden signing a national security memorandum that directs federal agencies to create voluntary cybersecurity targets for companies that handle its critical infrastructure. US officials state that it could be the beginning for implementing mandatory requirements, although is currently termed as voluntary.

The new directive by the Biden administration is the latest effort to protect the country from disruptive cyberattacks, following the recent rise in ransomware attacks that impacted businesses and consumers, including the Colonial Pipeline attack, the article detailed.

New: Biden today is signing a national security memorandum directing agencies to develop voluntary standards for cybersecurity protection for critical infrastructure, in what officials said could be a prelude to pursuing mandatory requirements w/ Congress. https://t.co/uPLqzqB6vW

— Dustin Volz (@dnvolz) July 28, 2021

Username: Dustin Volz

Twitter handle: @dnvolz

Likes: 98

Retweets: 54

4. Kim Zetter’s tweet on the video leak at Iran’s Evin prison

Kim Zetter, a cybersecurity journalist, shared an article on a hacking group called Adalat Ali (Justice of ALI) leaking surveillance camera videos of Iran’s Evin prison, which houses Iranian and Western political prisoners. The hackers also stole hundreds of documents, images, and videos of events that took place within the prison, the article noted.

The leak followed a cyberattack on Iran’s railway system, which led to delays and cancellation of several trains. The article noted that it is unclear how the hackers gained access to the surveillance systems, but highlighted that it could be due to the out-of-date software used by the systems. The sanctions imposed by the US and Europe on the Evin prison due to human rights violations have made it difficult to keep the systems up to date, the article added.

Hackers calling themselves Adalat Ali have leaked videos purportedly taken from CCTV cameras at Evin prison where Iranian/Western political prisoners are held. The breach comes wks after computer systems belonging to Iran's railway system were also hacked. https://t.co/hp2Qk60Aow

— Kim Zetter (@KimZetter) August 24, 2021

Username: Kim Zetter

Twitter handle: @KimZetter

Likes: 61

Retweets: 52

5. Runa Sandvik’s tweet on the technical analysis of Pegasus Spyware

Runa Sandvik, a computer security expert, shared a technical report that analysed a version of the Pegasus spyware developed by Israeli technology company NSO Group for iOS. Prepared by software developer Citizen Lab and cybersecurity company Lookout, the report analysed a sophisticated attack using the spyware against several mobile users across the world. Researchers linked the live iOS sample of the malware with NSO’s Pegasus spyware to establish whether the group sold weaponised software that targets mobile phones used by governments.

The report highlighted that the Pegasus spyware was in use for many years and was sold for use on high-value targets to carry out sophisticated espionage on Android, BlackBerry, and iOS phones. The spyware uses strong encryption to evade traditional security measures and is built on a robust monitoring and self-destructing mechanism, the article noted.

In August 2016, @citizenlab and @Lookout collaborated on analyzing a version of NSO's Pegasus spyware for iOS. The technical report is worth a look, especially for those interested in cyber paleontology. #ProjectPegasus https://t.co/gezJCoeRKX

— Runa Sandvik (@runasand) August 5, 2021

Username: Runa Sandvik

Twitter handle: @runasand

Likes: 52

Retweets: 30