InfoSecBulletin Cybersecurity for mankind
Donald Trump Jr.’s account on X (formerly known as Twitter) was hacked after it started sharing strange and erratic posts, according to a spokesperson for former President Donald Trump.
CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed
ALERT
Thousands of IP addresses compromised nationwide: CIRT warn
New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries
Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks
Critical RCE Flaw Patched in Roundcube Webmail
Hacker claim Leak of Deloitte Source Code & GitHub Credentials
CISA Issued Guidance for SIEM and SOAR Implementation
Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora
Australia enacts mandatory ransomware payment reporting
Why Govt Demands Foreign CCTV Firms to Submit Source Code?
Andrew Surabian posted on X stating that Don’s account had been hacked. He further clarified that the recent post asserting the death of the former president was clearly fabricated and lacked any truth.
Not only did the compromised account spread false information about the passing of the elder Trump, but it also falsely stated that Trump Jr. would be running for president. Within minutes, the post had been reshared more than 1,000 times on X and viewed hundreds of thousands of times.
There was another threat made towards North Korea on a post. There was also a pinned post on the account’s profile that insulted President Joe Biden using a racist term.
Donald Trump himself took to Twitter to refute the false tweets, asserting that he was very much alive.
The incident raises new questions about the role of X in protecting user accounts, especially those of important political figures, as the platform gets ready for the 2024 elections.
X announced in August that it is significantly expanding its safety and election teams. This decision follows a series of mass layoffs last year, which resulted in over 80% reduction in the company’s overall workforce, as revealed by its owner, Elon Musk.
It’s unclear if the compromise allowed unauthorized access to Trump Jr.’s private messages or if he had two-factor authentication on his account.
The Federal Trade Commission is investigating whether X has properly protected user privacy. They are also looking into whether X violated its 2011 commitments to secure the platform. Following a whistleblower disclosure by Peiter “Mudge” Zatko, the former security chief of the company, an investigation was initiated. The disclosure, which was first reported by CNN and The Washington Post last year, brought attention to numerous security vulnerabilities that had been overlooked and left unattended.
Source:
CNBC. CNN. Euronews
