InfoSecBulletin Cybersecurity for mankind
Donald Trump Jr.’s account on X (formerly known as Twitter) was hacked after it started sharing strange and erratic posts, according to a spokesperson for former President Donald Trump.
Delay patching leaves about 50,000 Fortinet firewalls to zero-day attack
Daily Security Update Dated: 21.01.2025
126 Linux kernel Vulns Allow Attackers Exploit 78 Linux Sub-Systems
CERT-UA alerts about “security audit” requests through AnyDesk
Oracle Critical Pre-Release update addressed 320 flaw
OWASP Reveils Top 10 Smart Contract Vulnerabilities for 2025
Multiple Azure DevOps Vulns Allow To Inject CRLF Queries & Rebind DNS
Intel holds 22 employees from one Bangladeshi University
VPN Surge 1500% in USA after TikTok Shut Down
MITRE Launches D3FEND 1.0; The Milestone for Cybersecurity Ontology
Andrew Surabian posted on X stating that Don’s account had been hacked. He further clarified that the recent post asserting the death of the former president was clearly fabricated and lacked any truth.
Not only did the compromised account spread false information about the passing of the elder Trump, but it also falsely stated that Trump Jr. would be running for president. Within minutes, the post had been reshared more than 1,000 times on X and viewed hundreds of thousands of times.
There was another threat made towards North Korea on a post. There was also a pinned post on the account’s profile that insulted President Joe Biden using a racist term.
Donald Trump himself took to Twitter to refute the false tweets, asserting that he was very much alive.
The incident raises new questions about the role of X in protecting user accounts, especially those of important political figures, as the platform gets ready for the 2024 elections.
X announced in August that it is significantly expanding its safety and election teams. This decision follows a series of mass layoffs last year, which resulted in over 80% reduction in the company’s overall workforce, as revealed by its owner, Elon Musk.
It’s unclear if the compromise allowed unauthorized access to Trump Jr.’s private messages or if he had two-factor authentication on his account.
The Federal Trade Commission is investigating whether X has properly protected user privacy. They are also looking into whether X violated its 2011 commitments to secure the platform. Following a whistleblower disclosure by Peiter “Mudge” Zatko, the former security chief of the company, an investigation was initiated. The disclosure, which was first reported by CNN and The Washington Post last year, brought attention to numerous security vulnerabilities that had been overlooked and left unattended.
Source:
CNBC. CNN. Euronews
