Tag Archives: Facebook

Immediate Vault Immediate Access

Managing Strategic Risk: Yahoo’s Crisis

Posted on by

All the major tech sector firms have their issues. Apple just lost its transcendent leader. Google’s sprawl, some fear, may be leading it down the same path that Microsoft took as it lost its crown as king of the tech mountain. Facebook, well, really, doesn’t have many real problems considering that its rumored-to-be-coming-soon IPO is expected to take in $100 billion. But privacy concerns persist — so much so that an FTC investigation led the agency to mandate the social network to undergo 20 years of privacy audits and obtain consent from users before sharing their personal information.

But such issues pale in comparison to the crisis Yahoo faces, something that is enticing some firms to make a bid for the former tech giant.

http://www.bloomberg.com/news/2011-11-30/alibaba-led-group-said-to-prepare-bid-for-yahoo-web-portal-s-shares-jump.html

Primarily, the company is suffering from a lack of diversification of its revenue stream. To remain healthy, it likely needs to find ways to make money that aren’t related to email, as the chart above from Business Insider shows. As the publication notes, “For all of its success, at its core, Yahoo is still an email business. People use Yahoo email and then from there land on its other properties. The rise of smartphones and iPads is a problem for Yahoo. On those devices, email is a native application that doesn’t encourage people to checkout Yahoo’s pages.”

We highlighted this threat — which, at least in part, prompted the company to fire CEO Carol Bertz in September — in our annual “Year in Risk” look-back at previous 12 months.

The CEO of Yahoo, a company that helped define the internet as a revolutionary means of communication, found out the old-fashioned way that she had been fired: over the phone. Carol Bartz’s uninspiring two-year reign atop the firm came to end as the company showed little ability to adapt its business model to thrive in either advertising or content creation after partnering with Microsoft in hopes of preserving its original core business — internet search. Yahoo’s stock has yet to recover after cratering in late 2008, leaving many tech analysts to wonder if the company has a future.

It’s hard to say what the company will do to revamp its long-term strategy.

But it is becoming increasingly clear that the current route may be a path to nowhere.

The Risks of Social Media: Spam Attacks Q&A

Posted on by

In mid-November, Facebook became the target of spam attack that infiltrated user’s profile pages on which it posted disturbing images. The attack caused an uproar due to the nature of the violent and sexually explicit images. Facebook chalked it up to a “security bug in an internet browser.” But this was not the first (or, most likely, last) spam attack on the social media site. Over the Thanksgiving weekend, the Facebook community forum was flooded with spam messages that advertised links for streaming sporting events. And just today it was announced that a new worm spreading on Facebook is aiming to infect users with a data-stealing virus. Though not considered a spam attack, it is just another example of the risks of social media.

With questions on this topic, I turned to Dr. Hongwen Zhang, co-founder and CEO of Wedge Networks.

Facebook has been the target for several recent aggressive spam attacks. What makes the site so popular for spammers?

Spammers are moving their efforts away from email and towards social media, exploiting the ability to create fake profiles for free while quickly gaining a massive online presence across various platforms such as Facebook. In addition, hackers/spammers are capitalizing on the popularity of social media by manipulating end-users into downloading malicious content or browsing malicious sites. Studies conducted by security vendor Kaspersky Labs, show that social networking sites are 10 times more effective at delivering malware than previous methods of email delivery. This is a result of social media sites, such as Facebook, where development is based on human relationships and the ability to quickly and easily connect, creating a perfect breeding ground for malicious code and spam.

What were the implications of the recent Facebook spam attack?

With such a large online community, the increasing amount of spam and malware affects Facebook’s operations as well as their users. While the most recent spam attack isn’t new, the violent and pornographic nature of November’s attack upset users more than usual, who went to their blogs, Twitter or Facebook accounts to discuss the outbreak. As of October of this year, Facebook said that spam represents less than 4% of content shared on the social networking website and affects under 0.5%, or 4 million users, on any given day. This is still a large number of people who are being affected on a daily basis and I suspect that this number only includes spam that Facebook catches, therefore it’s not 100% accurate.

Have there been any recent spam attacks on other social networking sites, such as Twitter or LinkedIn?

Twitter and LinkedIn both have faced similar attacks as Facebook, although we have not seen any published information on these attacks as large of a scale or as organized as what we saw in November with Facebook’s stream of spam messages on user profiles and on their help forum. However, most social media sites follow the same principles of user-generated content on trustworthy sites and as such, hackers and spammers can quickly and easily publish their attacks on all sites and expect a similar effect. For example, there have been many documented cases of spam and malware on multiple sites at once, such as the Starbucks themed attack that used both Facebook and Twitter concurrently in November. According to Sophos, spamming on social networks rose in 2010, with 67% of people surveyed receiving spam messages, up from 57% at the end of 2009 and 33% in the middle of that year. Phishing and malware incidents were also rife, with 43% of users spotting phishing attempts and 40% receiving malware.

How can these spam attacks affect businesses who use social media for marketing purposes?

Twitter, Facebook and LinkedIn have entered the IT security landscape — bringing both advantages and dangers to your business. Organizations continue to utilize social media services for marketing and its employees utilize social media for personal usage. IT departments must balance use with control in order to protect a business in the social media world. It becomes a two-fold job:

1. Stopping Outbound Malicious Spam:
Proactively controlling outbound content mitigates the risk of disclosure, ensures appropriate information is being sent and stops the network from sending out spam or malware from your organization. Organizations need to take measures to ensure that its corporate accounts are safe. This includes limiting passwords, staying up-to-date on industry trends and providing education to staff that are managing social media accounts on behalf of the organization. In addition, outbound malware and spam threatens business relationships with customers and negatively impacts the reliability of the brand. Companies must use content protection strategies to strengthen their brand by preventing the distribution of bad outbound content, including spam and malware from their corporate IP or account.

2. Protecting You and Your Employees from the Dangers of Social Media:
Organizations must also protect their networks and assets from employees who use social media sites. With high click through rates, spam being sent through social media can damage corporate assets as well as cost organizations time and money while they clean infected devices. Inline real-time threat protection and malware analysis of all content, including hidden injected malware attacks and downloads, is necessary to efficiently analyze web traffic for malicious attacks against all endpoints. This provides organizations with the comfort of knowing they are protected, even if their employees have been tricked.

What can businesses do to prevent, or at least minimize, the attacks?

Prohibiting employees from accessing social networking sites like Facebook, Twitter and LinkedIn is no longer realistic. Blocking and application control policies are becoming inefficient with dynamic user generated content and cross-site, drive-by attacks on good websites. Combined with access through multiple endpoints (mobile devices, PDAs and tablets), old approaches are no longer effective. Security solutions with the ability for deep content inspection give organizations the advantage of utilizing all social media, while guaranteeing compliance mandates are met and the organization is protected, regardless of what the end-user is accessing. The solutions provide visibility of the application content and the aptitude in which to apply flexible policies over users, applications and protocols based on the real-time understanding of the applications’ intent.

It seems individuals and companies will always be one step behind when it comes to preventing such attacks. Hackers and spammers are just more sophisticated in terms of technical expertise. Do you agree?

I agree with this as many companies and individuals are struggling to protect themselves against attacks, especially when conventional approaches, such as blocking web access according to the reputation of the URLs, are used. However, there are innovative solutions out there that go beyond simply checking on the reputation of a link and go deep to make sure that the actual content is not malicious. These deep content inspection based solutions are effective tools to prevent the spreading of malicious content in social media use.

iBreach

Posted on by

No one is safe from the slimy tricks of today’s most conniving hackers. Not Rahm Emmanuel. Not Diane Sawyer. Not even New York Mayor Michael Bloomberg.

These public figures make up only a fraction of the victims in Apple’s worst security breach. This week, FBI agents arrested the two men responsible for stealing the personal information of 120,000 iPad users last summer. Federal officials charged Andrew Auernheimer and Daniel Spitler with fraud and conspiracy to access a computer without authorization, and both face up to ten years behind bars if convicted.

In June of 2010, Auernheimer and Spitler used a script called the “iPad 3G Account Slurper” to attack AT&T customer information and “slurp” up thousands of email addresses, which they attempted to leak to internet spammers. The fiasco has caused AT&T quite a few headaches. The company has already paid $73,000 to clean up the mess, not to mention the blow this incident must have inflicted on AT&T’s exclusive relationship with Apple. (Could this be a contributing factor to the budding alliance between Verizon and the iPhone?)

Stories like these sound familiar, and they gradually change with the times. First there was credit card identity theft. Now we worry about Facebook security. The cyber world is quickly evolving to become more interconnected, and unfortunately, it is increasingly difficult to enjoy the luxury of privacy. With the surging popularity of advanced technology and social media sites, we seem to be trading in our anonymity for easy access. Although avoiding new media doesn’t appear to be an option anymore, small steps like checking privacy settings and watching what material you post on public websites can provide some protection.

Be safe out there.

The Risks of Social Media: Planning to Fire Someone for a Facebook Post? You Better Think Twice

Posted on by

The more Facebook has risen in popularity — culminating in it reaching 500 million followers last June and its Hollywood creation tale The Social Network becoming the number-one movie in America in October — the more legal issues have surfaced. The most high-profile have been the near-constant privacy complaints against the company, which has a history of introducing new, unpopular features that people must opt-out of if they don’t want to submit to rather than opt-in to access.

For outside companies, however, perhaps no legal issue has been more contentious than the issue of firing an employee for something they posted on Facebook. It might be due to a salacious photo or an off-color remark about the business — and it might even have been done on the employee’s personal time — but time and time again, companies have fired workers for “inappropriate” behavior online.

buy oseltamivir online orthosummit.com/wp-content/uploads/2023/10/jpg/oseltamivir.html no prescription pharmacy

Well, based on a National Labor Relations Board (NLRB) ruling last week, we might be seeing a lot fewer of these incidents in the future.

In what labor officials and lawyers view as a ground-breaking case involving workers and social media, the National Labor Relations Board has accused a company of illegally firing an employee after she criticized her supervisor on her Facebook page.

buy advair rotahaler online orthosummit.com/wp-content/uploads/2023/10/jpg/advair-rotahaler.html no prescription pharmacy

This is the first case in which the labor board has stepped in to argue that workers’ criticisms of their bosses or companies on a social networking site are generally a protected activity and that employers would be violating the law by punishing workers for such statements.

In what labor officials and lawyers view as a ground-breaking case involving workers and social media, the National Labor Relations Board has accused a company of illegally firing an employee after she criticized her supervisor on her Facebook page.

This is the first case in which the labor board has stepped in to argue that workers’ criticisms of their bosses or companies on a social networking site are generally a protected activity and that employers would be violating the law by punishing workers for such statements.

This specific case deals with a Connecticut ambulance company that fired an EMT, who belonged to a union, for criticizing a supervisor. The company termed the violation as “negative personal attacks against a co-worker posted publicly on Facebook” — something that went well beyond the company’s ban on depicting the company “in any way” on social networks.

Ultimately, however, the legal issue comes down to whether or not what the EMT posted was a protected worker right. Given the fact that a union is involved, those rights are already more clearly defined than they might be otherwise.

buy rifadin online orthosummit.com/wp-content/uploads/2023/10/jpg/rifadin.html no prescription pharmacy

And in the opinion of the NLRB, this was a clearly protected right.

Lafe Solomon, the board’s acting general counsel, said, “This is a fairly straightforward case under the National Labor Relations Act — whether it takes place on Facebook or at the water cooler, it was employees talking jointly about working conditions, in this case about their supervisor, and they have a right to do that.”

That act gives workers a federally protected right to form unions, and it prohibits employers from punishing workers — whether union or nonunion — for discussing working conditions or unionization

The ambulance company, naturally, disagrees with this assessment.

Regardless of the details of this case, however, there are obviously still many things that an employee could do on Facebook that would merit termination.

(Off the top of my head, some behaviors would likely include libel, harassment and violent threats, among others). And those without union protection are likely going to have a harder time at receiving re-instatement or fair compensation for unwarranted termination.

But this case, which will go in front of a judge on January 25, will help demarcate the standards that companies must adhere to in cases where the egregiousness of the comments is more murky than blatant libel or harassment. And the likely outcome is that many companies will have to re-evaluate their social media policies to determine if their bans on discussing the company in any way on social networks are overly broad.

For a look back at some of the most high-profile firings over Facebook, check out The Huffington Post’s “Fired Over Facebook: 13 Posts That Got People CANNED.”