Twitter virus: cross site scripting security issue

By    John Garner on  Sunday, April 12, 2009
Summary: Quick note to say that there seems to be a twitter security issue based upon cross site scripting. Initially it was thought to be a virus but this post on NetworkWorld seems to indicate that it is in effect a cross site scripting hack . This basically means that should it be an XSS hack, […]

Quick note to say that there seems to be a twitter security issue based upon cross site scripting. Initially it was thought to be a virus but this post on NetworkWorld seems to indicate that it is in effect a cross site scripting hack . This basically means that should it be an XSS hack, Twitter are not high up there with their security standards. It won't look good if what seems to be a phishing hack is possible on their site!

Update: the script used to infect all the Twitter users was crafted by a 17 year old from Brooklyn who claims to have been bored and was highlighting the vulnerability while promoting his own site! Twitter have "closed the hole" as per Geoff's comment below.

Article written by  John Garner

Leave a Reply

Your email address will not be published. Required fields are marked *

One comment on “Twitter virus: cross site scripting security issue”

Recent Posts

Check out the most recent posts from the blog: 
Tuesday, May 23, 2023
Sustainable Enterprise AI Adoption: Protecting Confidentiality, Ensuring Accuracy, and Successful Business Integration

The public's recent access to breakthroughs in AI has sparked excitement but their integration into businesses often leads to significant issues, especially without proper management. Implementing AI effectively requires robust security measures to protect sensitive data, investment in unbiased technology, sufficient training for understanding AI systems, identification of the best AI use cases, assurance of reliable data sources, and careful management to prevent over-reliance on AI over human workforce. It's also critical to understand that AI systems like ChatGPT have their limitations and inaccuracies, and they need continuous monitoring and fine-tuning, while keeping in mind that these technologies have evolved from a long history of advancements, thanks to various companies and organizations.

Read More
Saturday, May 13, 2023
AI in my pocket

A novel AI topic that is trending, is around the porting of foundation models like Llama on to Google Pixel phones. This also maps to the leaked Google Memo about the threat of open source to their general 'moat model'.

Read More
Wednesday, May 10, 2023
AI: I see hallucinations

Discussing AI-generated hallucinations in language models like ChatGPT, which sometimes provide incorrect or fictional information aka BS. This problem is concerning for businesses that require trustworthy and predictable systems. While search engines like Google and Bing attempt to improve their accuracy and user experience, neither is perfect. The unpredictability of AI systems raises concerns about high-stakes decisions and public trust. Is the closing of OpenAI’s open-source projects a good idea? Could it benefit from expert analysis to understand and mitigate AI hallucinations?

Read More
Monday, May 8, 2023
AI promises: the good, the bad, the ugly

Looking at the current condition and possibilities of AI and AGI, emphasizing the rapid progress, benefits, and potential risks linked to their development. AI tools are already driving productivity gains in various industries. We look at applications ranging from farming to law. However, concerns about the security, accuracy, and ethical implications of these technologies persist. Some experts, like Dr. Geoffrey Hinton, are advocating for stricter regulation and caution in AI development.

Read More
crossmenuarrow-down