Twitter hackers accessed direct messages for 36 accounts
Thursday, July 23, 2020
Ilia Kolochenko, founder and CEO of ImmuniWeb, said that crediting the entire success of the attack — which he called “unprecedentedly disrupting” — to “comparatively banal social engineering” is questionable. “Hijacking one or two accounts by tricking Twitter tech support seems fairly plausible, but the long-lasting takeover of dozens of top accounts requires a much more sophisticated and multidimensional preparation of attack,” he said.
The reported social engineering attack vector likely “was enhanced by exploitation of other weaknesses in Twitter’s internal security. It is not excluded that the attackers were assisted by an insider or were exploiting a high-risk vulnerability detected in one of the Twitter’s web systems,” Kolochenko continued. “Otherwise, we may reasonably infer that Twitter has virtually no internal security controls and best practices that we should normally expect from a tech company of its size.”