Twitter investigates apparent data breach. Ransomware C2 staging discovered. Privateers only. Where's the expected GPS jamming?
The Cyber Wire
At a glance.
- Twitter investigates apparent data breach.
- Ransomware C2 staging discovered.
- A C2C offering that's restricted to potential privateers.
- The minor mystery of GPS-jamming, or its absence, in an active theater of operations.
Twitter investigates apparent data breach.
Twitter is looking into the possibility that data from a breach are now being posted on the dark web. Restore Privacy traces the incident to reports in HackerOne back in January of a breach that had the potential of exposing user information even when that information was hidden in privacy settings. Twitter closed the vulnerability and paid the researcher who reported it a bug bounty. But it appears possible that the vulnerability has been exploited to collect a very large tranche of user data. Restore Privacy says that at least some of the data released as a teaser are authentic, and that the criminal who holds them (nom-de-hack "devil") is offering the database for sale. Bidding starts at $30 thousand.