Twitter confirms zero-day used to access data of 5.4 million accounts



Portal Nachrichten

TSEC NEWS (572 Quellen): 11.08.22 Perofrmance fix. Download Android App Android App von Team IT Security


Cybersecurity Themen Chronologie für jeden Suchbegriff


Twitter confirms zero-day used to access data of 5.4 million accounts

securityaffairs.co

Twitter confirmed that the recent data breach that exposed data of 5.4 million accounts was caused by the exploitation of a zero-day flaw. At the end of July, a threat actor leaked data of 5.4 million Twitter accounts that were obtained by exploiting a now-fixed vulnerability in the popular social media platform. The threat actor offered […]

The post Twitter confirms zero-day used to access data of 5.4 million accounts appeared first on Security Affairs.

...

Kompletten Nachrichten Artikel lesen


Zur Startseite

➤ Weitere Beiträge von Team Security | IT Sicherheit (tsecurity.de)

Zero Trust: A Complete Guide to Remote Access Security

vom 742.44 Punkte
If there were any doubts that Zero Trust Network Access is more than a buzzword, they were erased by the US government’s decision to adopt Zero Trust across all federal agencies. This 21st Century approach to remote access security promises to fix many

Diving Deep Into a Pwn2Own Winning WebKit Bug

vom 407.68 Punkte
Pwn2Own Tokyo just completed, and it got me thinking about a WebKit bug used by the team of Fluoroacetate (Amat Cama and Richard Zhu) at this year’s Pwn2Own in Vancouver. It was a part of the chain that earned them $55,000 and was a nifty piece of

Access Control: Essentials for Modern IT Teams

vom 387.66 Punkte
Access control consists of the policies, processes, and technologies that determine who may access an organization’s information resources. An access control system can go further by limiting the extent of that access based on factors such as the char

AA22-083A: Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector

vom 366.24 Punkte
Original release date: March 24, 2022SummaryActions to Take Today to Protect Energy Sector Networks: • Implement and ensure robust network segmentation between IT and ICS networks. • Enforce MFA to authenticate to a system. • Manage the creation

Pwn2Own Miami 2022 Results

vom 333 Punkte
Pwn2Own Miami for 2022 has wrapped up, and it was an amazing three days of competition. In total, we awarded $400,000 for 26 unique 0-days (plus a few bug collisions). With 90 points accumulated over three days, the team of Daan Keuper (@daankeuper) a

How Password Hashing Algorithms Work and Why You Never Ever Write Your Own

vom 316.46 Punkte
Are you fascinated with cryptography? You're not alone: a lot of engineers are. Occasionally, some of them decide to go as far as to write their own custom cryptographic hash functions and use them in real-world applications. While understandably enticing, doi

CVE-2020-0932: Remote Code Execution on Microsoft SharePoint Using TypeConverters

vom 313.44 Punkte
In April 2020, Microsoft released four Critical and two Important-rated patches to fix remote code execution bugs in Microsoft SharePoint. All these are deserialization bugs. Two came through the ZDI program from an anonymous researcher: CVE-2020-0931

What is the NIST Zero Trust Architecture?

vom 274.46 Punkte
Two years ago, the National Institute of Standards and Technologies (NIST) issued a report defining a new paradigm for secure network access. The NIST Zero Trust Architecture outlines how organizations can improve security by replacing legacy technologi

Veracode Hacker Games: The Results Are In!

vom 270.93 Punkte
The first everツ?Veracode Hacker Gamesツ?competition hasツ?come to a close, but were the flaws inツ?favor of our brave competitors? Read on to find out.ツ? Over the course of the two-weekツ?challenge, students from several universities in the U.S. and the U.K. came together to explore vulne

CVE-2020-0729: Remote Code Execution Through .LNK Files

vom 264.86 Punkte
In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, John Simpson and Pengsu Cheng of the Trend Micro Research Team detail a recent remote code execution bug in Microsoft Windows .LNK files. The following is a portion of

Paramount Privileged Account Security Guidance (101) for CyberArk

vom 264.59 Punkte
Shadow Admins - The Stealthy Accounts That You Should Fear The Most, but Needn't AnymoreFolks,Today's post concerns CyberArk's guidance on Privileged Account Security, a subject that is paramount to cyber security today, and it likely impacts Trillions of $, as it imp

Privileged Access Management: Protect High-Risk Accounts

vom 258.51 Punkte
In a cybercrime environment that constantly targets user credentials, organizations are turning to Privileged Access Management (PAM) to prevent the breaches that could do the most damage. An administrator’s Privileged Account credentials could let h

Team Security Diskussion über Twitter confirms zero-day used to access data of 5.4 million accounts