SEO News

Decrypted: How Twitter was hacked, GitHub DMCA backfires – TechCrunch

One week to the U.S. presidential election and issues are getting spicy.

It’s not simply the rhetoric — hackers are actively working to disrupt the election, officers have mentioned, and final week they got here with a concrete instance and an unusually quick pointing of blame.

On Wednesday night time, Director of Nationwide Intelligence John Ratcliffe blamed Iran for an e mail operation designed to intimidate voters in Florida into voting for President Trump “or else.” Ratcliffe, who didn’t take any questions from reporters and has been accused of politicizing the typically impartial office, mentioned Iran had used voter registration information — which is essentially public within the U.S. — to ship emails that looked like they came from the far-right group the Proud Boys. Google safety researchers additionally linked the campaign to Iran, which denied claims of its involvement. It’s estimated about 2,500 emails went by means of ultimately, with the rest getting caught in spam filters.

The announcement was lackluster intimately. However consultants like John Hultquist, who heads intelligence evaluation at FireEye-owned safety agency Mandiant, mentioned the incident is “clearly geared toward undermining voter confidence,” simply because the Russians tried through the 2016 election.

 


THE BIG PICTURE

Twitter was hacked utilizing a faux VPN portal, New York investigation finds

The hackers who broke into Twitter’s community used a faux VPN web page to steal the credentials — and two-factor authentication code — of an worker, an investigation by New York’s Division of Monetary Affairs discovered. The state tax division received concerned after the hackers then hijacked consumer accounts utilizing an internal “admin tool” to unfold a cryptocurrency rip-off.

In a report revealed final week, the division mentioned the hackers referred to as a number of Twitter workers and used social engineering to trick one worker into coming into their username and password on a website that regarded like the corporate’s VPN portal, which most workers use to entry the community from house through the pandemic.

“As the worker entered their credentials into the phishing web site, the hackers would concurrently enter the data into the actual Twitter web site. This false log-in generated a [two-factor authentication] notification requesting that the staff authenticate themselves, which a number of the workers did,” wrote the report. As soon as onto the community utilizing the worker’s VPN credentials, the hackers used that entry to research find out how to entry the corporate’s inner instruments.

Twitter mentioned in September that its workers would receive hardware security keys, which might make it far tougher for a repeat phishing assault to achieve success.

Open-source YouTube obtain software hit by DMCA takedown, however backfires



#Decrypted #Twitter #hacked #GitHub #DMCA #backfires #PJDM

Author

Zack Whittaker