In the old days, when a blogpost got picked up ("slashdotted"), I'd see heavy but steady traffic for days. These days, I see frequent "spikes" of traffic that last for only a few minutes, which then decays. It's how fast that spike decays that's interesting.
The spiky nature of traffic comes from social networking. People's Twitter and Facebook feeds update several times a minute. When something gets posted at the top, it'll scroll off the bottom a few minutes later. When somebody with a lot of followers links to my blogpost, I'll see a spike of traffic for as long as it stays visible, with traffic decaying quickly as the tweet scrolls downward.
Showing posts with label Twitter. Show all posts
Tuesday, February 21, 2012
Monday, April 04, 2011
Anatomy of a Twitter worm ("Profile Spy")
I woke up this morning and among the tweets I saw this:
(Name has been pixelated to protect the guilty)
This looks like a worm/scam (some news here), so I thought I'd write up a technical explanation.
Monday, April 05, 2010
The First Steps to a Career in Information Security
Last week I talked to the students of Georgia State University's CIS/InfoSec program about things they should be doing now to prepare for an exciting career in information security. Most of the steps they already knew, so I tried to think of the things that nobody told me in school that really helped me.
Here's my 15 minute presentation to the class. Below that is a summary of the talk and the links that I mentioned.
Monday, February 01, 2010
More on Twitter.

Special events like the football playoffs, awards shows, and politics can be seen in the Twitter post statistics Twiguard collects. We can normally see some sort of spike, with the Grammys being no exception. We recorded 3.2 million tweets in a single hour, which is way above the average of around 1.4 million tweets. To the left is a chart from 3am on Feb 1 showing the last 24 hours of tweet data we collected.
Malware authors often take this as a chance to spread new malware advertised as a link to something about the event. Normally we flag about 8% of Twitter traffic as spam or malware. Last night during the highest hour of tweets that number skyrocketed to almost 22%.
Just thought the stat was interesting.
Twiguard update week 4 and final week.

Although this update was a little late, the analysis ran at the correct time and produced its results: 1239 bad URLs in the list, with 876 of them being new. That is almost 70%. The chart to the left shows the progression from week one of total flagged URLs in red with the unique URLs that week in blue. After 4 weeks they almost intersect, and at this rate I am guessing that they will intersect in the next few weeks. This goes a long way to showing that URL blacklisting alone is not fast enough to stop the spread of malware on a social network like Twitter.
There are a lot of reasons that can explain the numbers, one being that although we captured the URL weeks ago, it didn’t start hosting malware until recently. Keep in mind, though, that the purpose of this experiment is to judge how quickly traditional blacklists can respond to malware spread with Twitter. Although Safe Browse may have flagged a URL as bad this week, that doesn’t mean it was serving malicious content when it was first captured by Twiguard. In this experiment the majority of bad URLs captured (58.6%) are hosted in Brazil. On Sunday the 7th Twiguard will capture another 24 hours' worth of URLs and make them available to anybody who wishes to duplicate this experiment.
Tuesday, September 08, 2009
Tweet Theft Spam
I’ve been playing around with tracking spam and malware on Twitter, a project we call TwiGUARD, and have been learning new things.
Last night I was testing my TwiGUARD analysis tool and it marked a user as spam, but when I manually checked the profile, it looked legitimate. The user had some timely quotes and seemed to be a real person. Sure, it’s a real person who likes to retweet offers for free money, but who am I to judge?
Then a lightbulb went off in my head. I copied the non-spam looking posts into the Twitter search engine and found a young lady in Iowa had tweeted the exact quote an hour before. The spambot had simply stolen her tweet and copied it in order to appear as a legitimate person.
I found many other spambots who did the same thing. They simply track the top 10 “Trending Topics”, find people who replied to those topics, then steal other tweets those people have made.
Anyway, I feel like a parent who has been surpassed by his kid. I was fooled by the spambot, but my tool wasn’t.
Below are two screen shots of tweet theft I found while writing this post. It comes from parsing "#wheniwaslittle I", which is currently the #1 “trending topic”. The first screen shot is the spammer (you can tell by the pleas to watch her dirty videos), followed by a screen shot of the lass who made the original comment.

This is the spam!

This is the original comment.
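
The manual check described above (search for the same text and see who posted it first) can be automated. The following is an added example, not TwiGUARD's code, whose internals this post does not describe; the sample timeline, user names, the `MIN_WORDS` threshold and all function names are constructed assumptions.

```python
import re
from datetime import datetime

MIN_WORDS = 5  # assumption: shorter texts ("good morning") collide by chance

# Constructed sample timeline: (user, ISO timestamp, text). Not real data.
SAMPLE = [
    ("spam_bot1", "2009-09-07T21:00:00", "#wheniwaslittle I thought the moon followed our car"),
    ("iowa_girl", "2009-09-07T20:00:00", "#wheniwaslittle I thought the moon followed our car"),
    ("spam_bot1", "2009-09-07T21:05:00", "Free money!! click http://example.invalid/x"),
    ("fan_42", "2009-09-07T21:10:00", "RT @iowa_girl: #wheniwaslittle I thought the moon followed our car"),
    ("spam_bot2", "2009-09-07T21:20:00", "#wheniwaslittle   i thought the MOON followed our car!"),
    ("iowa_girl", "2009-09-07T22:00:00", "good morning"),
    ("busy_bee", "2009-09-07T22:30:00", "good morning"),
]

def normalize(text):
    """Lowercase, drop punctuation (keeping # and @), collapse whitespace."""
    text = re.sub(r"[^\w#@\s]", "", text.lower())
    return " ".join(text.split())

def is_attributed(text):
    """Retweets credit the source, so they are not counted as theft."""
    return bool(re.match(r"\s*rt\s+@\w+", text, re.IGNORECASE))

def find_copied_tweets(tweets):
    """Return (copier, original_author, text) for unattributed later copies."""
    first_seen = {}  # normalized text -> earliest author
    hits = []
    # Sort by time so "first" really means the earliest poster.
    for user, ts, text in sorted(tweets, key=lambda t: datetime.fromisoformat(t[1])):
        if is_attributed(text):
            continue
        key = normalize(text)
        if len(key.split()) < MIN_WORDS:
            continue  # too short to attribute to one author
        owner = first_seen.setdefault(key, user)
        if owner != user:
            hits.append((user, owner, text))
    return hits

if __name__ == "__main__":
    for copier, owner, text in find_copied_tweets(SAMPLE):
        print(f"{copier} copied {owner}: {text!r}")
```

An account whose only non-promotional tweets all show up as copies is the pattern the post describes; a single match on its own can be coincidence.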
Monday, June 30, 2008
Errata Security Twitter
You read right... in keeping with Errata Security's mission to be cutting edge with the latest in internet technology, we now have a Twitter!
To follow along with all the fun, sign up for your own Twitter, and follow us at http://twitter.com/Errata.
Post below if you already have a Twitter and you'd like to be friends!