Tuesday, September 21 2010, 17:32 BST
By Mayer Nissim,
The main Twitter website was hacked this afternoon via a security flaw.
Users who moved their cursor over blacked-out text automatically Tweeted or Retweeted the same message. Some accounts automatically posted a message in oversized text, making their page and those of their followers unreadable.
In a blog post, Graham Cluely of security firm Sophos reported that the flaw allowed messages and pop-up windows from third-parties to open in users' browsers. These pages potentially contain spam or malicious code.
Cluely said: "The Twitter website is being widely exploited by users who have stumbled across a flaw which allows messages to pop up and third-party websites to open in your browser just by moving your mouse over a link.
Cluely noted that the Twitter page belonging to Sarah Brown, the wife of former Prime Minister Gordon, had attempted to direct her one million followers to a "hardcore porn site based in Japan".
In a post on its Safety page, Twitter confirmed that it has now fixed the security flaw.
"We've identified and are patching a XSS attack; as always, please message @safety if you have info regarding such an exploit," the social networking website said.
Del Harvey, the leader of Twitter's Trust and Safety team, added: "The XSS attack should now be fully patched and no longer exploitable. Thanks, those reporting it."
ضع تعليق باستخدام حساب الفيس بوك
|مواضيع ذات صلة مع Updated: Twitter fixes security flaw|
|Clover’s Week: Call security|
|اصدار جديد ProgDVB v6.71.7 Fixes|
|Markey Pushes For All-Vid, CableCARD Fixes|
|Latens Wins Dish Nepal Content Security Deal|
|FCC Tees Up CableCARD Fixes|