fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Twitter Hackers Read Private Messages Of 36 High-Profile Accounts

Twitter Hackers Read Private Messages Of 36 High-Profile Accounts

Twitter hackers read private messages of 36 high-profile accounts

Twitter today admitted that the attackers behind last week’s incident read the private messages of 36 out of a total of 130 high-profile accounts targeted in the attack.

Among these, the hackers also accessed the Twitter inbox of Geert Wilders, a Dutch elected official and the leader of the Party for Freedom (PVV).

Twitter also said in a blog update that it found no other indications that “any other former or current elected official had their DMs accessed.”

After the attack, U.S. Senator Ron Wyden tweeted about a conversation he had with Twitter CEO Jack Dorsey two years ago, with Dorsey telling Wyden that the company was working on end-to-end encrypted direct messages.

As the U.S. Senator said, “[i]f hackers gained access to users’ DMs, this breach could have a breathtaking impact for years to come.”

The company’s investigation previously found that the hackers took control of 130 accounts using tools only available to Twitter internal support teams after getting their hands on the credentials of a number of Twitter employees.

The attackers used the accounts they took over to push a massive Bitcoin scam which allowed to collect almost $120,000 worth of bitcoins.

Earlier this week, Coinbase said that it blocked its customers from sending roughly $280,000 to the Twitter hackers on top of the $120K by blacklisting the Bitcoin addresses used in the scam within minutes after the attack started.

Also read: 9 Policies For Security Procedures Examples

“For 45 of those accounts, the attackers were able to initiate a password reset, login to the account, and send Tweets,” Twitter added. “In addition, we believe they may have attempted to sell some of the usernames.”

“For up to eight of the Twitter accounts involved, the attackers took the additional step of downloading the account’s information through our ‘Your Twitter Data’ tool,” none of these being verified accounts.

Twitter immediately blocked the hijacked accounts from resetting their user passwords and from tweeting after detecting the attack, and, three hours later, it restored tweeting functionality to the impacted accounts.

The company also stated that it discovered no evidence of the intruders gaining access to the affected accounts’ passwords and that they will not be reset.

The Twitter accounts of multiple tech companies (@Apple and @Uber), several tech executives, celebrities, and politicians (@JeffBezos, @BarackObama, @elon_musk, @kanyewest, @JoeBiden, @BillGates, and @WarrenBuffett), and crypto exchanges (@coinbase, @Gemini, and @binance) are some of the 130 used by the hackers to promote their Bitcoin scam.

Twitter’s investigation and cooperation with law enforcement continue at the moment with a forensic review of all accounts targeted in the attack.

Also read: 7 Phases Of Data Life Cycle Every Business Must Be Informed

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us