Security News

Threat actors are hacking verified Twitter accounts to send fake but well-written suspension messages that attempt to steal other verified users' credentials. Twitter verifies accounts if they are considered notable influencers, celebrities, politicians, journalists, activists, and government and private organizations.

Twitter was fined $150 million for using phone numbers and email addresses collected for two-factor authentication for ad targeting.

Twitter, which is in the process of being acquired by Tesla CEO Elon Musk, has agreed to pay $150 million to the U.S. Federal Trade Commission to settle allegations that it abused non-public information collected for security purposes to serve targeted ads. In addition to the monetary penalty for "Misrepresenting its privacy and security practices," the company has been banned from profiting from the deceptively collected data and ordered to notify all affected users.

The Federal Trade Commission has fined Twitter $150 million for using phone numbers and email addresses collected to enable two-factor authentication for targeted advertising. "As the complaint notes, Twitter obtained data from users on the pretext of harnessing it for security purposes but then ended up also using the data to target users with ads. This practice affected more than 140 million Twitter users, while boosting Twitter's primary source of revenue," said FTC Chair Lina M. Khan.

To the surprise of many users, China's largest Twitter-esque microblogging website, Sina Weibo, announced on Thursday that it will publish users' IP addresses and location data in an effort to keep their content honest and nice. "Conventional thinking is that IP addresses may be considered personal data because they could reveal exact locations," he told The Register by email.

Elon Musk, CEO of SpaceX and Tesla and Twitter's new owner, on Thursday called on adding support for end-to-end encryption to the platform's direct messages feature. "Twitter DMs should have end to end encryption like Signal, so no one can spy on or hack your messages," Musk said in a tweet.

A new information stealer named FFDroider has emerged, stealing credentials and cookies stored in browsers to hijack victims' social media accounts. Like many malware, FFDroider is spread through software cracks, free software, games, and other files downloaded from torrent sites.

A Ukrainian security researcher has leaked newer malware source code from the Conti ransomware operation in revenge for the cybercriminals siding with Russia on the invasion of Ukraine. After the Conti Ransomware operation sided with Russia on the invasion of Ukraine, a Ukrainian researcher named 'Conti Leaks' decided to leak data and source code belonging to the ransomware gang out of revenge.

Russian Internet watchdog Roskomnadzor announced that Instagram will also be banned in Russia one week after blocking the Facebook and Twitter social networks. This time around, Instagram's ban comes after reports that Instagram's parent company, Meta, decided to allow calls for violence in some countries on Facebook and Instagram against Russian invaders and the Russian and Belarusian presidents.

Twitter is now accessible over the Tor network, allowing users in countries that banned it to continue accessing the social network's site. The new onion URL was announced today by security engineer Alec Muffett who announced that Twitter can now be accessed worldwide via the Tor browser.