Secuzine

spot_img

Atos Cybersecurity Unit Receives Up to $2 Billion Bid from Airbus

Airbus has proposed a non-binding offer of 1.5-1.8 billion euros ($1.6-$2.0 billion) to acquire Atos's cybersecurity unit BDS. This move comes as Airbus aims...

Why Instagram Threads is a hotbed of risks for businesses

Instagram’s Threads, a new platform for text-sharing and public conversations, has garnered significant attention since its launch, attracting both individual users and businesses seeking alternative communication channels. However, Threads has quickly become a breeding ground for various security and compliance risks that organizations should be wary of.

Research by CSC has identified 428 new domain registrations related to “Threads” between June 26 and July 27, 2023. Many of these domains have affiliations with existing brands, raising concerns about fraudulent registrations. Organizations need to monitor their domain activity to distinguish authorized registrations from fraudulent ones, as brand infringements, impersonation, and hacks can result from such activities.

Threads’ rapid user growth has attracted the attention of malicious actors who exploit the platform for their gain. Suspicious URLs associated with the platform have been detected, some leading to malware downloads. While these threats may not infiltrate Apple’s App Store, users should remain vigilant against false download links and scams.

Using Threads for official communication or sharing sensitive data can inadvertently lead to data leaks. Employees may inadvertently disclose sensitive information, and features like location sharing could expose strategic business data. The lack of end-to-end encryption in Threads poses concerns about data security.

Threads seamlessly integrate with Instagram accounts, potentially making it easier for malicious actors to access information. If one account is compromised, it could grant access to all associated Meta accounts, allowing impersonation and data gathering.

Compliance standards can become challenging to maintain if employees use personal apps like Threads for work-related matters. Threads’ unavailability in regions with strict privacy laws, such as the European Union, and concerns about data privacy and FTC consent decrees add complexity to the situation.

Threads, like any messaging platform, can be used for phishing attempts and are susceptible to vulnerabilities. Undiscovered vulnerabilities (zero-days) may be exploited, posing risks to user data and device permissions.

To ensure secure use of Threads within businesses, a combination of employee training, clear policies, and monitoring is recommended. Using personal messaging apps for work purposes can pose risks for employees, and policies should outline guidelines for app use on work devices. Monitoring tools can help detect unauthorized activities and applications.

While Threads has shown some promise in terms of security features like the lack of a direct-message function and no advertising, businesses should remain cautious and proactive in mitigating the associated risks.