InfoSecBulletin Cybersecurity for mankind
Donald Trump Jr.’s account on X (formerly known as Twitter) was hacked after it started sharing strange and erratic posts, according to a spokesperson for former President Donald Trump.
Joint cybersecurity advisory
Botnet infects 260,000 SOHO routers, IP cameras with malware
Chrome 129 Released Fix with multiple Security Flaws
Broadcom fixed RCE bug in VMware vCenter Server
Cybercriminal now misuse Microsoft Azure tool to steal data
Apple warns users to install iOS 18 to Fix 33 iPhone Vulnerabilities
CISA adds windows and whatsUp Gold vuls to its KEV
Petroleum and Fuel Industry
FleetPanda exposes Nearly One Million Documents
DESCO faces cyber attack: Customers Data Breach
Alert! Google Fixes GCP Composer Flaw
CTF in Bangladesh: Unveiling Challenges, Opportunities and remedies
Andrew Surabian posted on X stating that Don’s account had been hacked. He further clarified that the recent post asserting the death of the former president was clearly fabricated and lacked any truth.
Not only did the compromised account spread false information about the passing of the elder Trump, but it also falsely stated that Trump Jr. would be running for president. Within minutes, the post had been reshared more than 1,000 times on X and viewed hundreds of thousands of times.
There was another threat made towards North Korea on a post. There was also a pinned post on the account’s profile that insulted President Joe Biden using a racist term.
Donald Trump himself took to Twitter to refute the false tweets, asserting that he was very much alive.
The incident raises new questions about the role of X in protecting user accounts, especially those of important political figures, as the platform gets ready for the 2024 elections.
X announced in August that it is significantly expanding its safety and election teams. This decision follows a series of mass layoffs last year, which resulted in over 80% reduction in the company’s overall workforce, as revealed by its owner, Elon Musk.
It’s unclear if the compromise allowed unauthorized access to Trump Jr.’s private messages or if he had two-factor authentication on his account.
The Federal Trade Commission is investigating whether X has properly protected user privacy. They are also looking into whether X violated its 2011 commitments to secure the platform. Following a whistleblower disclosure by Peiter “Mudge” Zatko, the former security chief of the company, an investigation was initiated. The disclosure, which was first reported by CNN and The Washington Post last year, brought attention to numerous security vulnerabilities that had been overlooked and left unattended.
Source:
CNBC. CNN. Euronews
