Tweets Can No Longer Be Sent From SMS To Twitter

If you use Twitter on a regular basis, then you probably saw the official tweet from the company. Effective immediately, they’ve shut down the functionality that allowed users to tweet via SMS, something that has been a part of the platform since its earliest days.

For the time being, the company is keeping SMS-based two-factor authentication for account holders, but that may change.

Currently, it’s too soon to say with any degree of confidence. The recent action was taken in response to serious security flaws with tweeting via SMS that made user accounts vulnerable.

This is not the first time the company has suspended use of the feature. The first time they did it though, the suspension lasted just two days. It happened September 4th and 5th of 2019 after CEO Jack Dorsey’s Twitter account was hacked. This time, there’s no end in sight.

Users who rely on SMS-based tweeting are urged to make the transition to the social network’s Twitter mobile app, which serves as a viable alternative.

It should also be noted that while SMS-based tweeting has been suspended for most of the world, there are a few remote areas where it’s the only option available, and in those places, the capability to send a tweet via SMS remains intact.

The Twitter support team’s message about the change was short and to the point, reading simply:

We want to continue to help keep your account safe. We’ve seen vulnerabilities with SMS, so we’ve turned off our Twitter via SMS service, except for a few countries. If you were using Twitter vis SMS, you can log in at twitter.com or download our mobile app to enjoy the full Twitter experience.”

At this time, there is no word on if or whether the service will be restored. If it’s something you’ve been in the habit of relying on in the past, be aware that you’ll have to make a few changes to your routine.

Used with permission from Article Aggregator

Beware Fake Craigslist Email Could Contain Ransomware

If you post ads on Craigslist for short term employment, be aware that there’s a new malspam campaign that aims to distribute Sigma ransomware on the computers of unwary users.

By all outward appearances, the emails seem to come from Craigslist in response to ads posted in Craigslist’s “Gigs” section for short term employment.  The emails will generally express interest in whatever job the user has posted and include a protected Word or RTF document which recipients will assume are resumes.

If the recipient enters the password to unlock the document, they’ll then be presented with a screen that asks them to enable the content in the document.  Unfortunately, this is the step that dooms the user. The file isn’t a resume at all, but merely a delivery vehicle.

As soon as the content is enabled, the ransomware will be installed, the user’s files will be encrypted, and then will “helpfully” post a message explaining that the files have been encrypted, and explaining that to get access to them again, they’ll have to pay a $400 fee, which rises to $800 if the user waits longer than seven days to request the decryption key.

Unfortunately, there’s no known way to decrypt Sigma-encrypted files other than paying the ransom.

This is a new twist on a very old game. Even worse, it’s enjoying a relatively high success rate because people who post ads for short term employment on Craigslist expect to get responses from people they don’t know. They expect that those people will be sending resumes for review.

The “tell” is that when a potential employee sends you a resume, it’s almost certainly not going to be password protected.  In this case, your best bet would be to reply to the sending and ask them to send you a non-protected resume if they’re genuinely interested in the job.

Used with permission from Article Aggregator