Casa > Ciber Noticias > Twitter AAAPI Bug Shared User Messages with Unauthorized Parties
CYBER NOTICIAS

Twitter AAAPI Bug compartido mensajes de usuarios con terceros no autorizados

Twitter acaba de arreglar una vulnerabilidad que pueden haber compartido los mensajes directos (Los DM) y protegido tweets de algunos usuarios con los desarrolladores que no estaban autorizados a acceder a la información. It appears that the bug is related to Twitter’s Account Activity API that could have resulted in data being delivered to the wrong registered developer, the official statement said.




The company already emailed all said developers. The investigation has confirmed that there is “only one set of technical circumstances where this issue could have occurred."

More about Twitter’s Account Activity API Bug

According to information compartido in Twitter’s blog post, "if you interacted with an account or business on Twitter that relied on a developer using the AAAPI to provide their services, the bug may have caused some of these interactions to be unintentionally sent to another registered developer".

It should be noted that this bug might have occurred when a particular set of technical circumstances were true during the relevant time period for this issue.

The said AAAPI has been affected between May 2017 y septiembre 10, 2018, when the bug was fixed shortly after it was discovered. Menos que 1% of Twitter’s 335 million users were affected by the bug. Affected users are being notified about the incident with the help of an in-app notice on the official website. The company is also working with its partner developers to ensure that they are complying with their obligations to delete all the required information that shouldn’t be in their possession. It should be noted that Twitter has hundreds of such developers.

A principios de este año, En Mayo, Twitter announced a critical security bug that was identified in the service. Users were prompted to change their passwords. The problem lied in the way the account login passwords were stored in the internal database. Más específicamente, an issue with Twitter’s system allowed passwords to be stored without being “masked” properly. Masking refers to the way sensitive information is stored in an internal database.

Milena Dimitrova

Milena Dimitrova

Un escritor inspirado y administrador de contenido que ha estado con SensorsTechForum desde que comenzó el proyecto.. Un profesional con 10+ años de experiencia en la creación de contenido atractivo. Centrado en la privacidad de los usuarios y el desarrollo de malware, ella cree firmemente en un mundo donde la seguridad cibernética juega un papel central. Si el sentido común no tiene sentido, ella estará allí para tomar notas. Esas notas pueden convertirse más tarde en artículos! Siga Milena @Milenyim

Más Mensajes

Sígueme:
Gorjeo

Dejar un comentario

Su dirección de correo electrónico no será publicada. Los campos necesarios están marcados *

Compartir en Facebook Compartir
Cargando ...
Compartir en Twitter Pío
Cargando ...
Compartir en Google Plus Compartir
Cargando ...
Compartir en Linkedin Compartir
Cargando ...
Compartir en Digg Compartir
Compartir en Reddit Compartir
Cargando ...
Compartir en Stumbleupon Compartir
Cargando ...