InfoSecBulletin Cybersecurity for mankind
Donald Trump Jr.’s account on X (formerly known as Twitter) was hacked after it started sharing strange and erratic posts, according to a spokesperson for former President Donald Trump.
SonicWall patched SSLVPN Vuln Allowing Firewall Crashing
GitLab Releases Security Update For Multiple Vulns
ISPAB president “whatsapp” got hacked via phishing link
Zyxel released patches 2 vulns in its USG FLEX H series firewalls
South Korea’s largest SK Telecom Hit by Malware: SIM-related info leaked
ChatGPT Develops Exploit for CVEs Before Public PoCs Share
TP-Link Router Vulns Allow to Execute Malicious SQL Commands
SSL.com’s domain validation system’s bug found: Hacker exploited
Amazon Follows Microsoft’s Lead, Halts Some Data Center Deals
Hackers Exploit Zoom’s Remote Control Feature for System Access
Andrew Surabian posted on X stating that Don’s account had been hacked. He further clarified that the recent post asserting the death of the former president was clearly fabricated and lacked any truth.
Not only did the compromised account spread false information about the passing of the elder Trump, but it also falsely stated that Trump Jr. would be running for president. Within minutes, the post had been reshared more than 1,000 times on X and viewed hundreds of thousands of times.
There was another threat made towards North Korea on a post. There was also a pinned post on the account’s profile that insulted President Joe Biden using a racist term.
Donald Trump himself took to Twitter to refute the false tweets, asserting that he was very much alive.
The incident raises new questions about the role of X in protecting user accounts, especially those of important political figures, as the platform gets ready for the 2024 elections.
X announced in August that it is significantly expanding its safety and election teams. This decision follows a series of mass layoffs last year, which resulted in over 80% reduction in the company’s overall workforce, as revealed by its owner, Elon Musk.
It’s unclear if the compromise allowed unauthorized access to Trump Jr.’s private messages or if he had two-factor authentication on his account.
The Federal Trade Commission is investigating whether X has properly protected user privacy. They are also looking into whether X violated its 2011 commitments to secure the platform. Following a whistleblower disclosure by Peiter “Mudge” Zatko, the former security chief of the company, an investigation was initiated. The disclosure, which was first reported by CNN and The Washington Post last year, brought attention to numerous security vulnerabilities that had been overlooked and left unattended.
Source:
CNBC. CNN. Euronews
