In the wake of last week's compromise of 250,000 Twitter accounts comes another threat to Twitter users: phishing messages - both DMs and tweets - that lure in the curious by asking "Did you see this pic of you?" Appended to the message is a bit.ly shortened link that leads to a changing subdomain on hecro.ru, from which the victims are redirected to one of a number of spoofed Twitter login pages located on typosquat-style domains such as tivtter.com, iftwtter.com and iwltter.com.
Twitter has reset the passwords and revoked session tokens of some 250,000 Twitter users following a successful breach of a database containing user data.
A Twitter bug allowed third-party applications to access Direct Messages of users who signed in to the apps by using their Twitter account, reported IOActive researcher Cesar Cerrudo.
Information security is a very competitive industry, and one of the very few that kept doing fine even during the recession.
It's that time of year again when, it seems, every technology vendor suddenly becomes clairvoyant with an insatiable urge to predict the battles we need to arm ourselves against.