Lucene search
+L

269 matches found

ThreatPost
ThreatPost
added 2018/09/21 8:21 p.m.14 views

Twitter Flaw Exposed Direct Messages To External Developers

Twitter on Friday said that a recently-patched bug in its platform enabled software developers to read users’ private direct messages or protected tweets. The bug ran from May 2017 until it was discovered on September 10 – after which Twitter patched the glitch to prevent data from being...

1AI score
Exploits0References10
The Hacker News
The Hacker News
added 2018/05/08 7:18 a.m.1 views

Twitter is Testing End-to-End Encrypted Direct Messages

Twitter has been adopting new trends at a snail's pace. But it's better to be late than never. Since 2013 people were speculating that Twitter will bring end-to-end encryption to its direct messages, and finally almost 5 years after the encryption era began, the company is now testing an end-to-e...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2018/05/08 7:18 a.m.69 views

Twitter is Testing End-to-End Encrypted Direct Messages

Twitter has been adopting new trends at a snail's pace. But it's better to be late than never. Since 2013 people were speculating that Twitter will bring end-to-end encryption to its direct messages, and finally almost 5 years after the encryption era began, the company is now testing an end-to-e...

6.9AI score
Exploits0
Hacker One
Hacker One
added 2015/03/29 5:15 p.m.22 views

X (Formerly Twitter): Insecure Direct Object Reference - access to other user/group DM's

Hello, I found a way to access group DM's which i don't have access to, Conditions to be met: - Should have been in that DM group atleast once. Exploitation ways: =============== - let's say they're three twitter profiles, Naruto , Goku and Eren. - Naruto creates a DM group in between himself ,...

6.8AI score
Exploits0
Hacker One
Hacker One
added 2014/03/22 10:54 a.m.42 views

Slack: Stored XSS in Slackbot Direct Messages

Whenever a new team is created, Slackbot uses automated profile completion by asking a few questions from the user like the first name, last name, skype account etc. But instead of providing the correct details we provide as input then Slackbot will cause the data go inside the anchor tag ... so...

0.3AI score
Exploits0
ThreatPost
ThreatPost
added 2014/01/09 11:56 a.m.9 views

Setting Up a Secure and Private Twitter Account

To kick off the new year, we are restarting our tutorial screencast series where we attempt to briefly walk users through the process of locking down their various online accounts. Today’s video, which is just slightly longer than we had hoped, thoroughly details the steps necessary to ensure tha...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2013/01/22 2:45 p.m.10 views

Twitter Bug Allowed Apps to Access Direct Messages Without Permission

Social networking sites such as Twitter and Facebook have become not just communication hubs, but also authentication mechanisms for third-party sites. Many sites and Web applications allow users to sign in with their Facebook or Twitter credentials rather than registering, which is a nice...

7.2AI score
Exploits0References4
ThreatPost
ThreatPost
added 2012/10/16 5:46 p.m.11 views

Phishy Direct Messages Link to Fake Twitter Sign-in Page

A wave of spammy direct messages on Twitter contain URLs leading to what appears to be a Twitter login page, but is actually a phishing site trying to pilfer user login credentials. The ploy from the attackers in this campaign is a familiar one: “hey, someone is spreading nasty rumors about you...

0.4AI score
Exploits0References1
ThreatPost
ThreatPost
added 2010/03/10 2:22 p.m.10 views

Twitter Deploys New Anti-Phishing Service

Twitter is launching a new service designed to prevent users from being tricked into visiting malicious Web sites after clicking on shortened URLs in direct messages or Twitter messages. The new Twiiter anti-phishing service, which launched Tuesday, essentially serves as a proxy between users and...

0.5AI score
Exploits0References2
Rows per page
Query Builder