Security researcher Anil Kurmus recently demonstrated an attack against Twitter that leveraged a newly released vulnerability in the common data security protocol Secure Sockets Layer (SSL). Kurmus showed that an attacker could exploit the SSL vulnerability to steal the Twitter credentials of a user that was authenticated through HTTPS. The SSL renegotiation bug, as it is termed, was unveiled earlier this month by security researchers at mobile phone authentication vendor PhoneFactor. — AM
Plume claimed to be subjected to data breach Hackread reports that U.S. smart Wi-Fi service provider Plume was claimed to have had more than 20GB of files from its Wi-Fi database stolen by threat actors introducing themselves as MonkeyInject.