Access to Internal Twitter Admin Tools Is Widespread
More than 1,000 individuals have access to tools that could have aided the attackers in the recent Twitter attack on high-profile accounts.
No one has taken credit or been charged for the Twitter hack that saw verified accounts of 45 prominent politicians and business leaders taken over and used for fraudulent purposes. The pool of suspects might include, according to former Twitter employees, more than 1,000 individuals who have the permissions necessary to read, modify, and take over such accounts.
The former employees told Reuters that the thousand-plus individuals had access to internal Twitter tools that can change user account settings and give third parties access to account controls.
In an investor call on Thursday, Twitter CEO Jack Dorsey said, "We fell behind, both in our protections against social engineering of our employees and restrictions on our internal tools." The company says that it is now looking for a new head of security to help secure systems and train employees to resist social engineering from outsiders.
For more, read here.
Register now for this year's fully virtual Black Hat USA, scheduled to take place August 1–6, and get more information about the event on the Black Hat website. Click for details on conference information and to register.
About the Author
You May Also Like
DevSecOps/AWS
Oct 17, 2024Social Engineering: New Tricks, New Threats, New Defenses
Oct 23, 202410 Emerging Vulnerabilities Every Enterprise Should Know
Oct 30, 2024Simplify Data Security with Automation
Oct 31, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024