Tuesday, April 14, 2009

The Early Worm Caught The Bird

As you may have heard, Twitter was hit over the Easter weekend by a worm. This wasn't some generic worm that just happened to hit Twitter - it was a targeted attack. Some technical detail is here. While the fallout appears to have been relatively benign, it certainly caused the guys at Twitter some headaches. It appears to have been a clickjacking attack, one of the vulnerabilities that Robert Hansen specifically mentioned at NITES this year.

Needless to say, the Wintel mantra of running up-to-date antivirus software, patching systems and running properly configured firewalls is completely useless in this scenario. Twitter's developers will probably be sent on a security refresher course pretty soon.

The "victims" of this attack are lucky that it wasn't particularly malicious. That might not be the case next time.
