Security News

Threatpost editors talk about the biggest security news stories for the week ended Jul. 24.

Twitter says an elected Dutch official was among 36 account holders whose direct message inboxes were accessed in a recent high-profile hack. The politician, anti-Islam lawmaker Geert Wilders, said Thursday that he was informed by Twitter that his account was compromised by a hacker, who posted tweets on his account and sent false direct messages, or DMs, in his name.

Twitter has admitted that the naughty folk who hijacked verified accounts last week read a portion of hacked users' direct messages. Among the 36 Twitter users whose direct messages, email addresses and phone numbers were definitely accessed by account hijackers last week was one Dutch politician, the microblogging platform said overnight.

Hackers accessed direct messages for 36 of the 130 high-profile users whose accounts were hacked in an unprecedented account breach last week, Twitter confirmed Wednesday. The company also tweeted a clarification to differentiate between a previous update to the hack in which they said hackers downloaded an archive of "Your Twitter Data" from eight of the 130 accounts, adding that none of these were verified accounts.

Twitter on Wednesday revealed that attackers accessed the direct message inboxes of some of the accounts that were compromised in last week's security incident. The attack took place on July 15 and involved the abuse of internal Twitter systems and tools to gain access to high-profile accounts such as those of Jeff Bezos, Mike Bloomberg, Bill Gates, or Elon Musk, and post fake messages promoting a crypto-currency scam.

New information suggests that at least two of them operated a service that resold access to Twitter employees for the purposes of modifying or seizing control of prized Twitter profiles. SWIMPING. My July 15 story observed there were strong indications that the people involved in the Twitter hack have connections to SIM swapping, an increasingly rampant form of crime that involves bribing, hacking or coercing employees at mobile phone and social media companies into providing access to a target's account.

Not a few people's Twitter accounts, but all of Twitter. Someone compromised the entire Twitter network, probably by stealing the log-in credentials of one of Twitter's system administrators.

Social media platform Twitter has confirmed that attackers downloaded user data from some of the accounts compromised in last week's security incident. In a blog post published over the weekend, Twitter revealed that the attackers launched a password reset operation for 45 of the 130 targeted user accounts, which allowed them to seize control of the accounts and post tweets.

Twitter has revealed more about the July 15 attack that saw several prominent accounts hijacked to promote a Bitcoin scam. The Saturday, July 18 update admits "The attackers successfully manipulated a small number of employees and used their credentials to access Twitter's internal systems, including getting through our two-factor protections."

Critical flaw gives attackers control of vulnerable SAP business applicationsSAP has issued patches to fix a critical vulnerability that can lead to total compromise of vulnerable SAP installations by a remote, unauthenticated attacker. Investigation highlights the dangers of using counterfeit Cisco switchesAn investigation, which concluded that counterfeit network switches were designed to bypass processes that authenticate system components, illustrates the security challenges posed by counterfeit hardware.