SwiftOnSecurity

Last updated

SwiftOnSecurity is a pseudonymous computer security expert and influencer on Twitter, inspired from Taylor Swift. [1] [2] [3] As of May 2024, they have over 405,400 followers. [4] The account was originally created to post Taylor Swift-related memes about the Heartbleed bug. The name was chosen due to Swift's caution with regard to digital security, and the account's original focus on cybersecurity. [5] The account has been cited in news articles about computer security. [6] [7] They are a Microsoft MVP, and work as an endpoint monitoring lead for a Fortune 500 company. [8] Their blog contains general computer security advice, with a large amount dedicated to Windows and phishing. [9]

Contents

Atlassian vulnerability

In December 2019, SwiftOnSecurity tweeted about an issue in Atlassian software that embedded the private key of a domain. This turned out to be a security vulnerability, and was assigned CVE - 2019-15006. [10]

Related Research Articles

<span class="mw-page-title-main">Cybercrime</span> Type of crime based in computer networks

Cybercrime encompasses a wide range of criminal activities that are carried out using digital devices and/or networks. These crimes involve the use of technology to commit fraud, identity theft, data breaches, computer viruses, scams, and expanded upon in other malicious acts. Cybercriminals exploit vulnerabilities in computer systems and networks to gain unauthorized access, steal sensitive information, disrupt services, and cause financial or reputational harm to individuals, organizations, and governments.

<span class="mw-page-title-main">Todd Swift</span> British-Canadian poet

Stanley Todd Swift, is a British-Canadian poet, screenwriter, university teacher, editor, critic, and publisher based in the United Kingdom.

<span class="mw-page-title-main">Peiter Zatko</span> American computer security expert

Peiter C. Zatko, better known as Mudge, is an American network security expert, open source programmer, writer, and hacker. He was the most prominent member of the high-profile hacker think tank the L0pht as well as the computer and culture hacking cooperative the Cult of the Dead Cow.

<span class="mw-page-title-main">Adam Tinworth</span> British role-playing game designer and journalist

Adam Matthew J. Tinworth is a journalist and writer who co-authored two major role-playing games, Demon: The Fallen and Werewolf: The Forsaken from White Wolf Publishing. He was also an extensive contributor to Hunter: The Reckoning, a game line that was subsequently ported to video games.

Jira is a proprietary product developed by Atlassian that allows bug tracking, issue tracking and agile project management. Jira is used by a large number of clients and users globally for project, time, requirements, task, bug, change, code, test, release, sprint management.

<span class="mw-page-title-main">Atlassian</span> Australian enterprise software company

Atlassian Corporation is an Australian-American software company that develops products for software developers, and project managers among other groups. The company is domiciled in Delaware, with global headquarters in Sydney, Australia, and US headquarters in San Francisco.

Cyberwarfare by China is the aggregate of all combative activities in the cyberspace which are taken by organs of the People's Republic of China, including affiliated advanced persistent threat (APT) groups, against other countries.

<span class="mw-page-title-main">Elie Bursztein</span> French computer scientist and hacker (born 1980)

Elie Bursztein, is a French computer scientist and software engineer. He is Google and DeepMind AI cybersecurity technical and research lead.

Jigsaw LLC is a technology incubator created by Google. It used to operate as an independent subsidiary of Alphabet Inc., but came under Google management in February 2020. Based in New York City, Jigsaw is dedicated to understanding global challenges and applying technological solutions, from "countering extremism", online censorship and cyber-attacks, to protecting access to information. Its current CEO is Yasmin Green.

Identity-based security is a type of security that focuses on access to digital information or services based on the authenticated identity of an entity. It ensures that the users and services of these digital resources are entitled to what they receive. The most common form of identity-based security involves the login of an account with a username and password. However, recent technology has evolved into fingerprinting or facial recognition.

On August 31, 2014, a collection of nearly five hundred private pictures of various celebrities, mostly women, with many containing nudity, were posted on the imageboard 4chan, and swiftly disseminated by other users on websites and social networks such as Imgur and Reddit. The leak was dubbed "The Fappening" or "Celebgate" by the public. The images were initially believed to have been obtained via a breach of Apple's cloud services suite iCloud, or a security issue in the iCloud API which allowed them to make unlimited attempts at guessing victims' passwords. Apple claimed in a press release that access was gained via spear phishing attacks.

Lazarus Group is a hacker group made up of an unknown number of individuals, alleged to be run by the government of North Korea. While not much is known about the Lazarus Group, researchers have attributed many cyberattacks to them since 2010. Originally a criminal group, the group has now been designated as an advanced persistent threat due to intended nature, threat, and wide array of methods used when conducting an operation. Names given by cybersecurity organizations include Hidden Cobra and ZINC or Diamond Sleet. According to North Korean defector Kim Kuk-song, the unit is internally known in North Korea as 414 Liaison Office.

<span class="mw-page-title-main">Troy Hunt</span> Australian web security expert

Troy Adam Hunt is an Australian web security consultant known for public education and outreach on security topics. He created and operates Have I Been Pwned?, a data breach search website that allows users to see if their personal information has been compromised. He has also authored several popular security-related courses on Pluralsight, and regularly presents keynotes and workshops on security topics. He created ASafaWeb, a tool that formerly performed automated security analysis on ASP.NET websites.

<span class="mw-page-title-main">OurMine</span> Hacker group

OurMine is a hacker group that is known for hacking popular accounts and websites, such as Jack Dorsey and Mark Zuckerberg's Twitter accounts. The group often causes cybervandalism to advertise their commercial services, which is among the reasons why they are not widely considered to be a "white hat" group.

Credential stuffing is a type of cyberattack in which the attacker collects stolen account credentials, typically consisting of lists of usernames or email addresses and the corresponding passwords, and then uses the credentials to gain unauthorized access to user accounts on other systems through large-scale automated login requests directed against a web application. Unlike credential cracking, credential stuffing attacks do not attempt to use brute force or guess any passwords – the attacker simply automates the logins for a large number of previously discovered credential pairs using standard web automation tools such as Selenium, cURL, PhantomJS or tools designed specifically for these types of attacks, such as Sentry MBA, SNIPR, STORM, Blackbullet and Openbullet.

Marcus Hutchins, also known online as MalwareTech, is a British computer security researcher known for stopping the WannaCry ransomware attack. He is employed by cybersecurity firm Kryptos Logic. Hutchins is from Ilfracombe in Devon.

<span class="mw-page-title-main">Petya (malware family)</span> Family of encrypting ransomware discovered in 2016

Petya is a family of encrypting malware that was first discovered in 2016. The malware targets Microsoft Windows–based systems, infecting the master boot record to execute a payload that encrypts a hard drive's file system table and prevents Windows from booting. It subsequently demands that the user make a payment in Bitcoin in order to regain access to the system.

Internet security awareness or Cyber security awareness refers to how much end-users know about the cyber security threats their networks face, the risks they introduce and mitigating security best practices to guide their behavior. End users are considered the weakest link and the primary vulnerability within a network. Since end-users are a major vulnerability, technical means to improve security are not enough. Organizations could also seek to reduce the risk of the human element. This could be accomplished by providing security best practice guidance for end users' awareness of cyber security. Employees could be taught about common threats and how to avoid or mitigate them.

<span class="mw-page-title-main">Capture the flag (cybersecurity)</span> Computer security exercise

Capture the Flag (CTF) in computer security is an exercise in which participants attempt to find text strings, called "flags", which are secretly hidden in purposefully-vulnerable programs or websites. They can be used for both competitive or educational purposes. In two main variations of CTFs, participants either steal flags from other participants or from organizers. A mixed competition combines these two styles. Competitions can include hiding flags in hardware devices, they can be both online or in-person, and can be advanced or entry-level. The game is inspired by the traditional outdoor sport of the same name.

References

  1. Conger, Kate (September 5, 2019). "The Work Diary of Parisa Tabriz, Google's 'Security Princess'". The New York Times . ISSN   0362-4331 . Retrieved February 23, 2020.
  2. Whittaker, Zack. "When security meets sarcasm: Taylor Swift brings infosec to the masses". ZDNet . Retrieved February 23, 2020.
  3. Zimmerman, Jess (June 18, 2015). "Parody Twitter accounts have more freedom than you and I ever will | Jess Zimmerman". The Guardian . ISSN   0261-3077 . Retrieved February 23, 2020.
  4. "SwiftOnSecurity (@SwiftOnSecurity) | Twitter". Twitter . Retrieved December 27, 2022.
  5. Hern, Alex (January 29, 2019). "How Taylor Swift became a cybersecurity icon". The Guardian. ISSN   0261-3077 . Retrieved February 23, 2020.
  6. "Password expiration is dead, long live your passwords". TechCrunch . June 2, 2019. Retrieved February 23, 2020.
  7. "Google Busy Removing More Malicious Chrome Extensions from Web Store". threatpost.com. Retrieved February 23, 2020.
  8. "About this site". Decent Security. Retrieved February 23, 2020.
  9. "Decent Security". Decent Security. Retrieved February 23, 2020.
  10. Thomas, Claburn. "Atlassian scrambles to fix zero-day security hole accidentally disclosed on Twitter". The Register . Retrieved February 23, 2020.


This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.