HITB GSEC Singapore (August 21st - 25th)
Register Online Now!
IOActive's Cesar Cerrudo, warns of Twitter privacy issues
Security researchers are advising users to take a close look at their Twitter accounts following the discovery of an issue which could put direct message content at risk.
Cesar Cerrudo, chief technology officer at security firm IOActive said that a flaw in the way Twitter handles permissions and notifications could allow a third-party application to gain access to a user's direct messages without prior notification or permission.
In a company blog post, Cerrudo explains that the issue appears to be a loophole in the way users grant permissions and the way a third-party application is able to access those permission. He said that while testing an application, he noticed that the tool was able to obtain far more access into his own account information than he had allowed.