
Access to Internal Twitter Admin Tools Is Widespread

More than 1,000 individuals have access to tools that could have aided the attackers in the recent Twitter attack on high-profile accounts.

No one has taken credit or been charged for the Twitter hack that saw verified accounts of 45 prominent politicians and business leaders taken over and used for fraudulent purposes. The pool of suspects might include, according to former Twitter employees, more than 1,000 individuals who have the permissions necessary to read, modify, and take over such accounts.

The former employees told Reuters that the thousand-plus individuals had access to internal Twitter tools that can change user account settings and give third parties access to account controls.

In an investor call on Thursday, Twitter CEO Jack Dorsey said, "We fell behind, both in our protections against social engineering of our employees and restrictions on our internal tools." The company says that it is now looking for a new head of security to help secure systems and train employees to resist social engineering from outsiders.
