NPP Australia: Notifying Customers of a New PayID Leak
infosec

NPP Australia: Notifying Customers of a New PayID Leak

PayID's search function on Australia's new payment platform (NPP) has encountered problems once again. This...
Read More
infosec

Man-in-the-middle attacks: What are the most common types?

In a previous article we analyzed exactly what man-in-the-middle attacks are, how they work, how they are carried out and how we can protect ourselves against ...
Read More
infosec tweaks

Man-in-the-middle attacks: What is and how to protect yourself?

A man-in-the-middle attack presupposes three parts. The victim, the entity with which the victim is trying to communicate ...
Read More
infosec

Your keyboard can betray your passwords to hackers

Hackers are able to edit your online passwords only from the sound of your keystrokes, revealed a ...
Read More
infosec

Bluetooth vulnerability affects Apple, Qualcomm and Intel devices!

Bluetooth is used worldwide as one of the most convenient methods of connecting and controlling connected devices. However, according to ...
Read More
Latest Posts

Hackers use Twitter Card vulnerability and attack users

TwitterTwitter was found with a new one vulnerability, which could allow hackers to attack platform users. Accordingly, the vulnerability was detected in the operation «Twitter Cards». Hackers can take advantage of it vulnerability and target users by malicious sharing software and realizing Phishing attacks.

Vulnerability

The vulnerability in Twitter Cards is related to the way the URLs are displayed. When the hacker uses the vulnerability, the tweet will display the Twitter Card for one website, but will actually redirect the user to another site.

Twitter 's vulnerability became known by Terence Eden, who discovered it when he detected a malicious tweet. Eden remarked that the tweet led the user to a completely different site than what he was showing.

As the platform explains, you can attach with Twitter Cards photos, video and multimedia on Tweets, helping to increase traffic to your site.

However, the problem lies in the fact that users redirected to other sites.

Accordingly, this vulnerability still exists.

Most worrying is that despite the fact that vulnerability has been known for some months, Twitter has not taken care of it. Any hacker could exploit and attack Twitter users, even before it was released.

Additionally, it is impossible to find the wrong redirect. This makes vulnerability particularly dangerous.

The error can be used for many scams. Hackers can use it to spread fake news, phishing attacks, and malware in victim's systems. It can be used almost for any malicious activity.

Meanwhile, the same issue has been identified in Facebook. However, the platform claims to know its existence and is something they wanted to be.

For the time being, it is unclear whether Twitter intends to correct this error in the near future.

Share
Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *