Twitter confirms spear-phishing attack on employees

Following the major security breach suffered by Twitter on 15 July, it has confirmed that the hack targeted a small number of employees through a phone “spear-phishing” attack.

Attackers targeted specific employees who had access to account support tools, Twitter said. The company added it has since restricted access to its internal tools and systems.


EXPERTS COMMENTS
Aaron Higbee, Co-Founder and CTO,  Cofense
August 03, 2020
No amount of security controls can fully secure a network unless employees are also seen as the frontline in phishing defense.
Whether the hackers gained access via phone, a personal device, or office computer, the aim of the attack was to obtain employee credentials. Twitter advises that although their tools, controls, and processes are constantly being updated and improved, they are now “taking a hard look” at how they can make them even more sophisticated. The specifics of the phish that evaded security controls a ....
[Read More >>]
Stuart Reed, UK Director,  Orange Cyberdefense
July 31, 2020
Technical countermeasures against phishing attempts and detecting malicious activities today are much more robust than they have been in the past.
As suspected, this breach resulted from social engineering – hackers preying on human vulnerabilities. Technical countermeasures against phishing attempts and detecting malicious activities today are much more robust than they have been in the past. The human, on the other hand, is more complex and hard to predict in certain scenarios while easy to manipulate in others. It is vital organisations ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article