1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Twitter accounts exposed in major security snafu

    From TechnologyDaily@1337:1/100 to All on Mon Aug 8 14:00:04 2022
    Twitter accounts exposed in major security snafu

    Date:
    Mon, 08 Aug 2022 12:29:53 +0000

    Description:
    Twitter says a flaw in its code exposed the identities of certain account holders.

    FULL STORY ======================================================================

    A flaw in Twitters code allowed threat actors to link accounts with the email addresses registered against them, potentially exposing the identities of their operators, the social network has confirmed.

    Late last week, the company disclosed the flaw in a blog post , in which it apologized for the inconvenience and explained the problem was fixed as soon as it was discovered.

    The exploit took advantage of the way Twitter treated failed log in attempts. When someone tried to log in using an email address or a phone number, even
    if they typed in the wrong password, Twitter used to do two things: Tell the user theyd submitted the wrong password Show the Twitter handle associated with that email address or phone number (if any exist)

    This meant that people running pseudonymous accounts could have had their identities exposed. Selling data on the dark web

    The flaw was first spotted in mid-2021. At the time, Twitter said it couldnt find any evidence of abuse. This bug resulted from an update to our code in June 2021, the company wrote.

    A year later, Twitter learned through a press report that someone had
    actually compiled a list of user accounts with this method and tried to sell it.

    Twitter apologized for the inconvenience, said it fixed the issue as soon it was unveiled, and said it will directly notify account owners that were impacted by this problem. Read more

    Twitters edit button isnt going to be what any of us really wanted


    Millions of Twitter accounts could be at risk of attack due to these
    security flaws


    These are the best endpoint protection services today

    We are publishing this update because we arent able to confirm every account that was potentially impacted, and are particularly mindful of people with pseudonymous accounts who can be targeted by state or other actors, the company added.

    The microblogging platform has been getting a lot of limelight lately, ever since eccentric billionaire Elon Musk said he intended to acquire it. The future of the deal will now be decided at the Delaware Chancery Court, after Musk attempted to bow out, ostensibly due to volume of bots operating on the platform. Here are the free and paid options for the best firewall software
    to stay protected online



    ======================================================================
    Link to news story: https://www.techradar.com/news/twitter-confirms-accounts-exposed-by-major-secu rity-flaw/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)