The hackers who took over a number of high-profile Twitter accounts for several hours this summer, including those belonging to Barack Obama and Elon Musk, gained entry into Twitter’s internal systems simply by posing as company IT officials making a support call, according to an investigative report Wednesday by New York regulators.
At the time of the July 15 attack, Twitter had no chief information security officer and suffered from poor internal security controls, the report concluded.
Officials behind the report called for additional cybersecurity regulation of major tech platforms.
“In other industries that are deemed critical infrastructure, such as telecommunications, utilities, and finance, we have established regulators and regulations to ensure that the public interest is protected,” said the report from New York’s Department of Financial Services. “With respect to cybersecurity,
A tip from a child helped security researchers discover an aggressive scam and adware campaign on both iOS and Android that was being promoted on TikTok and Instagram.
Researchers from Avast Security discovered the malicious apps when a girl found a TikTok profile that appeared to be promoting an abusive app and reported it. The apps had been downloaded a combined 2.4 million times on the App Store and Google Play.
The apps posed as platforms for entertainment, music downloads, or wallpapers. They served intrusive ads, even when they weren’t open in the foreground. And according to the report from Avast, they also used sly tactics to prevent users from uninstalling them.
Avast classified the apps as HiddenAds trojans. The trojan “that disguises itself as a safe and useful application but instead serves intrusive ads outside of the app, and hides the original app icon making it difficult for