Influencer News Hubb
Advertisement
  • Home
  • News
  • Influncer
  • PR
  • Instagram Marketing
  • Social Media
  • Contact
No Result
View All Result
  • Home
  • News
  • Influncer
  • PR
  • Instagram Marketing
  • Social Media
  • Contact
No Result
View All Result
Influencer News Hubb
No Result
View All Result
Home Social Media

Cybersecurity Experts Warn Twitter Breach Will Have Lasting Ramifications

admin by admin
January 7, 2023
in Social Media


The account details of some 200 million Twitter users were posted on a hacker forum for free

getty

In July 2019, the United States Conference of Mayors unanimously adopted a resolution not to pay any more ransom demands to hackers following a ransomware attack. Cybersecurity experts heralded the decision, and numerous companies have also taken a stance that a ransom should never be paid – as doing so will only likely result in future attacks from bad actors.

Last month, Twitter essentially ignored the calls for a ransom to be paid after data from hundreds of millions of users was stolen following a breach. This week, the account details of some 200 million records were then posted on a hacker forum for free. Some of the popular and known names and entities include Sundar Pichai, Donald Trump Jr., SpaceX, CBS Media, the NBA, and the World Health Organization.

As previously reported, the database was 63GB and it included account name, handle, creation date, follower count, and even email address. Researchers have warned that the leaked data could be used to hack Twitter users’ accounts, and could also be used for social engineering or “doxxing” campaigns.

What is notable is that this latest breach is hardly getting much attention.

“It’s tempting to shrug and say ‘that’s life in the big city,” said David Maynor, senior director of Threat Intelligence at cybersecurity firm Cybrary. “How many people in this Twitter breach are having their data exposed for the first time? I have free credit monitoring for life, based on all the breaches my data has shown up in.”

The API Issue

Understanding the significance also requires understanding how the breach actually occurred, and what users can expect to come next.

“API security is the real story here,” suggested Sammy Migues, principal scientist at Synopsys Software Integrity Group.

The Application Programming Interface (API) is essentially the way for two or more computer programs to communicate with each other. Security is especially important for any public-facing API, and more secure systems often require users to be assigned an API key. Without that key, the services refuse to serve data.

That wasn’t apparently the case with Twitter.

“As cloud-native app development explodes, so does the world of refactoring monolithic apps into hundreds and thousands of APIs and microservices,” noted Migues.

This is now just the latest example of how an unsecured API that developers design to “just work” can remain unsecured because when it comes to security, what is out-of-sight is all too often out-of-mind.

“Humans are terrible at securing what they can’t see,” said Jamie Boote, associate software security consultant at Synopsys Software Integrity Group

The issue is that this effort is growing much faster than the skills and numbers of application architects who can craft working secure API and zero-trust architectures.

“It’s also growing faster than the time there is available to do threat modeling and skilled security testing,” warned Migues.

Twitter has also been down this road in the past.

“In 2021, people discovered that the Twitter API could be used to disclose email addresses that were provided from other sources and also leak some other semi-public info like tying a Twitter handle with that email address,” Boote added. “Several groups then used leaked email dumps as seed material to start farming for handles that they could then gather other information such as follower counts, profile creation date, and other information available on a Twitter profile.”

That particular issue was fixed last year, and it appeared that may have been the last of it.

“After all that, Musk bought Twitter, and dumps of these started showing up for sale as hackers were looking to get paid for their efforts,” said Boote. “It appears as though someone collected a bunch of these, and tried to get Musk to pay up for them.”

As that didn’t happen, the data has been leaked to the world. The question is what could come next.

A Lingering Concern?

For many Twitter users – this could now be a problem that won’t go away. If nothing happens immediately, many users may even assume they’re in the clear – only to have something bad happen down the line.

“A major concern here is that affected users will suffer from account takeover,” explained Benjamin Fabre, CEO at security provider DataDome.

When cybercriminals succeed in taking control of an online account, they can perform unauthorized transactions, unbeknownst to the victims.

“These often go undetected for a long time because logging in isn’t a suspicious action,” warned Fabre. “It’s within the business logic of any website with a login page. Once a hacker is inside a user’s account, they have access to linked bank accounts, credit cards, and personal data that they can use for identity theft.”

It will be important for those who believe they may have their data compromised to remain vigilant.

“As always, malicious actors have your email address,” Boote suggested. “To be safe, users should change their Twitter password and make sure it’s not reused for other sites. And from now on, it’s probably best to just delete any emails that look like they’re from Twitter to avoid phishing scams.”



Source link

Tags: APIbreachcybersecuritydoxxingElon Muskhackersphishingransomwaresocial mediaTwitter
Previous Post

6 Gaming Influencers to Follow I Traackr

Next Post

Why SEO Is A Great Choice For Businesses

Related Posts

Social Media

Twitter Expands Access to Twitter Blue, Announces New Incentives for Signing Up

by admin
February 4, 2023
Social Media

Dying For The Perfect Photo Or Video – Is Social Media Claiming Lives?

by admin
February 4, 2023
Social Media

Some Are Clearly Missing The Point Of The 40-Year-Old New Wave Hit ’99 Luftballons’

by admin
February 4, 2023
Social Media

Meta Could be Exploring Paid Blue Checkmarks on Facebook and Instagram

by admin
February 3, 2023
Social Media

Elon Musk Announces Ad Revenue Sharing For Creators On Twitter

by admin
February 3, 2023
Next Post

Why SEO Is A Great Choice For Businesses

Recommended

Microlearning: Bite-Sized Learning, Big Results

December 23, 2022
8 Examples of Successful TikTok Influencer Sponsorships I Traackr

8 Examples of Successful TikTok Influencer Sponsorships I Traackr

February 2, 2023
Maybelline and Club Med on Influencer Management and Relationships I Traackr

Maybelline and Club Med on Influencer Management and Relationships I Traackr

December 7, 2022

Take your fitness business online in 8 simple steps

January 9, 2023

Hootsuite CEO And Stuckey’s Owner Provide Insights On How Social Media Marketing Can Help Small Businesses Compete Successfully

December 1, 2022

In The Aftermath Of Riots, Brazil Faces The Challenge Of Countering Online Radicalization

January 14, 2023

© 2022 Influencer News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Influncer
  • PR
  • Instagram Marketing
  • Social Media
  • Contact

Newsletter Sign Up

No Result
View All Result
  • Home
  • News
  • Influncer
  • PR
  • Instagram Marketing
  • Social Media
  • Contact

© 2022 Influencer News Hubb All rights reserved.