Before Twitter Patch, Private Messages May Have Been Vulnerable

August 22, 2020

Written by wukovits

If you’re a Twitter user, you should know that the company recently announced that they had addressed a serious security flaw that could have allowed hackers to gain direct access to Direct or Private Messages users sent via Twitter.

If you seldom use that feature, then the impact to you would have been minimal in any case. If it’s something you use on a regular basis, then breathe a sigh of relief.

The company had this to say about the issue:

“We recently discovered and fixed a vulnerability in Twitter for Android related to an underlying Android OS security issue affecting OS versions 8 and 9. Our understanding is 96 percent of people using Twitter for Android already have an Android security patch installed that protects them from this vulnerability.

For the other 4 percent, this vulnerability could allow an attacker, through a malicious app installed on your device, to access private Twitter data on your device (like Direct Messages) by working around Android system permissions that protect against this.”

The company stressed that there’s no evidence this security flaw was ever exploited in the wild, and again, there’s nothing for you, as a Twitter user to do. The company has already handled it.

The discovery of the flaw though, comes on the heels of another recent, dramatic Twitter hack. In that hack, dozens of user accounts belonging to high-profile individuals were commandeered and used to bilk unsuspecting users out of more than $120,000 worth of Bitcoins.

If history is a good guide, and it usually is, this won’t be the last major security flaw the company finds and addresses in what remains of the year. Nonetheless, kudos to Twitter for finding the flaw and acting quickly to correct it before it could be exploited. Here’s hoping they can continue to find and correct them before the hackers can take advantage.

Used with permission from Article Aggregator

Related Articles

Some Amazon Device Features May Have Security Risks

Have you heard of Amazon Sidewalk? If not, it's definitely something you should be aware of. Depending on your point of view, the new feature, which was enabled by default on a wide range of Amazon devices by default on June 8 of this year (2021) is either...

Email Unsubscribe Scam Can Easily Fool Any User

Scammers are increasingly relying on a tried and true bit of social engineering to fool unsuspecting users into unwittingly signing up to receive a flood of additional spam email. They accomplish this by blasting out an email asking recipients if they wish to...

Update VMWare Software Immediately To Avoid Possible Attack

The US Cybersecurity and Infrastructure Security Agency recently issued a warning to all companies running VMware Vcenter Server and VMware Cloud Foundation. They are asking them to download and apply the latest security patches as soon as possible because attackers...

Send us a message

Your message was sent.

Thank you for contacting Bayou Technologies. We'll be in touch soon!

Need help? support-icon