Security News

The phishing attack on Twitter employees serves as an opportunity for all businesses to reassess how they build and deploy application

Multiple Reddit moderator accounts have been compromised and abused to post pro-Trump messages on a variety of subreddits. The hackers appear to have targeted moderator accounts that did not have two-factor authentication enabled, and leveraged their rights to modify subreddits or even remove moderator accounts that had fewer rights.

Capital One must pay a trivial $80m fine for its shoddy public cloud security - yes, the US banking giant that was hacked last year by a miscreant who stole personal information on 106 million credit-card applicants in America and Canada. "The OCC took these actions based on the bank's failure to establish effective risk assessment processes prior to migrating significant information technology operations to the public cloud environment and the bank's failure to correct the deficiencies in a timely manner," the watchdog said in a statement on Thursday.

Satellite internet communications are susceptible to eavesdropping and signal interception by far-flung attackers located in a different continent or country from their victims. When a satellite ISP makes an internet connection for a customer, it beams that customer's signals up to a satellite in geostationary orbit within a narrow communications channel; that signal is then sent back down to a terrestrial receiving hub and routed to the internet.

A spokesperson for Intel told us the information was likely taken from its Resource and Design Center, which is a private library of resources for computer manufacturers and the like to build systems using Intel's silicon. The IOH SR 17 probably refers to scratchpad register 17 in the I/O hub, part of Intel's chipsets, that is used by firmware code.

The British teenager accused of being part of the gang that hacked Twitter and posted a cryptocurrency scam from various US celebrities' accounts has not yet been arrested. Mason Sheppard, a 19-year-old of Bognor Regis in the English county of West Sussex, has been visited by the National Crime Agency but no arrests have been made on this side of the Atlantic.

In the Twitter breach, the attackers leveraged social engineering tactics to target a small number of employees through a phone spear phishing attack. In Twitter's case, the intelligence gained by the attackers enabled them to target additional employees who did have access to the Twitter account support tool, which allows privileged employees to control all facets of a Twitter account.

A Florida teen identified as the mastermind of a scheme that gained control of Twitter accounts of prominent politicians, celebrities and technology moguls pleaded not guilty on Tuesday to multiple counts of fraud. Graham Ivan Clark, 17, is accused of using the hijacked Twitter accounts to scam people around the world out of more than $100,000 in Bitcoin.

A 17-year-old teen and two other 19 and 22-year-old individuals have reportedly been arrested for being the alleged mastermind behind the recent Twitter hack that simultaneously targeted several high-profile accounts within minutes as part of a massive bitcoin scam. On July 15, Twitter faced the biggest security lapse in its history after an attacker managed to hijack nearly 130 high-profile twitter accounts, including Barack Obama, Kanye West, Joe Biden, Bill Gates, Elon Musk, Jeff Bezos, Warren Buffett, Uber, and Apple.

The US Department of Justice just issued a press release entitled simply, "Three Individuals Charged for Alleged Roles in Twitter Hack.". In some ways, the Twitter hack referred to, which happened just two weeks ago on 2020-07-15, was tiny.