Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

7/31/2020
11:45 AM
50%
50%

Twitter: Employees Compromised in Phone Spear-Phishing Attack

The attack earlier this month started with a spear-phishing attack targeting Twitter employees, the company says in a new update.

Twitter today published a new update on its recent security incident, confirming a small number of employees were targeted in a phone spear-phishing attack. The intruders were able to use their credentials to tweet from celebrity accounts, access direct messages, and download data.

The attack, which took place earlier this month and involved the takeover of several high-profile Twitter accounts, raised concerns over Twitter's internal controls and the level of access its employees have to high-profile accounts. The company has since published multiple updates on its ongoing investigation and the steps it's taking to improve account and employee security.

"This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems," Twitter said in an update published yesterday.

A successful attack required access to both Twitter's internal network and employee credentials to specific support tools. Not all employees initially targeted had permissions to use account management tools, but the attackers used their credentials to access internal systems and gain information about its processes. This enabled the attackers to target 130 Twitter accounts and tweet from 45, access the DM inboxes of 36, and download the Twitter data of seven.

In addition to confirming the mobile spear-phishing attack vector, Twitter claims it has "significantly limited" access to its internal tools and systems while its investigation continues. Some processes and features -- in particular, access to the "Your Twitter Data" download feature -- have been affected. The company says it may be slower in response to account support needs, reported tweets, and applications to its developer platform.

Read more details in Twitter's full update.

 

 

Register now for this year's fully virtual Black Hat USA, scheduled to take place August 1–6, and get more information about the event on the Black Hat website. Click for details on conference information and to register.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/27/2020
6 Ways Passwords Fail Basic Security Tests
Curtis Franklin Jr., Senior Editor at Dark Reading,  10/28/2020
'Act of War' Clause Could Nix Cyber Insurance Payouts
Robert Lemos, Contributing Writer,  10/29/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How to Measure and Reduce Cybersecurity Risk in Your Organization
In this Tech Digest, we examine the difficult practice of measuring cyber-risk that has long been an elusive target for enterprises. Download it today!
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27014
PUBLISHED: 2020-10-30
Trend Micro Antivirus for Mac 2020 (Consumer) contains a race condition vulnerability in the Web Threat Protection Blocklist component, that if exploited, could allow an attacker to case a kernel panic or crash. An attacker must first obtain the ability to execute high-privileged code on the targ...
CVE-2020-27015
PUBLISHED: 2020-10-30
Trend Micro Antivirus for Mac 2020 (Consumer) contains an Error Message Information Disclosure vulnerability that if exploited, could allow kernel pointers and debug messages to leak to userland. An attacker must first obtain the ability to execute high-privi...
CVE-2020-27885
PUBLISHED: 2020-10-29
Cross-Site Scripting (XSS) vulnerability on WSO2 API Manager 3.1.0. By exploiting a Cross-site scripting vulnerability the attacker can hijack a logged-in user’s session by stealing cookies which means that a malicious hacker can change the logged-in user’s pass...
CVE-2020-25646
PUBLISHED: 2020-10-29
A flaw was found in Ansible Collection community.crypto. openssl_privatekey_info exposes private key in logs. This directly impacts confidentiality
CVE-2020-26205
PUBLISHED: 2020-10-29
Sal is a multi-tenanted reporting dashboard for Munki with the ability to display information from Facter. In Sal through version 4.1.6 there is an XSS vulnerability on the machine_list view.