Security News

Twitter is down with users seeing "Welcome to Twitter" screen
2023-03-01 10:45

We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.

Twitter tells users: Pay up if you want to keep using insecure 2FA
2023-02-20 20:58

Using texts is insecure for doing 2FA, So if you want to keep it up you're going to have to pay. The bulletin says that "After 20 March 2023, we will no longer permit non-Twitter Blue subscribers to use text messages as a 2FA method. At that time, accounts with text message 2FA still enabled will have it disabled."

Twitter will start charging users for SMS-based 2FA option
2023-02-20 06:30

Twitter has announced that starting with March 20, users who don't pay the Twitter Blue subscription will no longer be able to use the SMS-based two-factor authentication option. Twitter CEO Elon Musk further explained the rationale behind the move by claiming that "Twitter is getting scammed by phone companies for $60M/year of fake 2FA SMS messages."

Twitter gets rid of SMS 2FA for non-Blue members — What you need to do
2023-02-20 02:38

Twitter has announced that it will no longer support SMS two-factor authentication unless you pay for a Twitter Blue subscription. In a blog post released this week, Twitter said that non-Twitter Blue users using SMS 2FA authentication have until March 20th, 2023, to switch to another 2FA method, or it will be disabled.

Twitter Limits SMS-Based 2-Factor Authentication to Blue Subscribers Only
2023-02-18 11:10

Twitter has announced that it's limiting the use of SMS-based two-factor authentication to its Blue subscribers. "While historically a popular form of 2FA, unfortunately we have seen phone-number based 2FA be used - and abused - by bad actors," the company said.

What Twitter’s outage says about (over) zealous downsizing
2023-02-15 14:33

While the Twitter outage affected comparatively few Twitter users, it could hold a larger message about the dangers not just to operations but also security for organizations mulling big cuts in workforce. With just 1,300 active staff, Twitter now has 80% fewer workers than the roughly 8,000 the company had on its payroll before the October 2022 takeover by Elon Musk, by some reports.

PayPal and Twitter abused in Turkey relief donation scams
2023-02-09 11:00

Scammers are now exploiting the ongoing humanitarian crisis in Turkey and Syria: this time stealing donations by abusing legitimate platforms like PayPal and Twitter. BleepingComputer has identified multiple scams running on Twitter and abusing legitimate platforms like PayPal's fundraising pages to create convincing scam websites and collect proceeds from donors hoping to aid earthquake victims.

Embarrassment as US cyber ambassador's Twitter account is hacked
2023-02-06 23:59

A top US cyber diplomat said his Twitter account was compromised over the weekend. Nate Fick, the inaugural US ambassador at large for Cyberspace and Digital Policy, on Saturday announced the hack of his personal account with - of course - a tweet.

Twitter Denies Hacking Claims, Assures Leaked User Data Not from its System
2023-01-12 07:21

Twitter on Wednesday said that its investigation found "No evidence" that users' data sold online was obtained by exploiting any security vulnerabilities in its systems. "Based on information and intel analyzed to investigate the issue, there is no evidence that the data being sold online was obtained by exploiting a vulnerability of Twitter systems," the company said in a statement.

Twitter claims leaked data of 200M users not stolen from its systems
2023-01-11 20:18

Twitter finally addressed reports that a dataset of email addresses linked to hundreds of millions of Twitter users was leaked and put up for sale online, saying that it found no evidence the data was obtained by exploiting a vulnerability in its systems. "In response to recent media reports of Twitter users' data being sold online, we conducted a thorough investigation and there is no evidence that data recently being sold was obtained by exploiting a vulnerability of Twitter systems," the company said.