Security researcher Anil Kurmus recently demonstrated an attack against Twitter that leveraged a newly released vulnerability in the common data security protocol Secure Sockets Layer (SSL). Kurmus showed that an attacker could exploit the SSL vulnerability to steal the Twitter credentials of a user that was authenticated through HTTPS. The SSL renegotiation bug, as it is termed, was unveiled earlier this month by security researchers at mobile phone authentication vendor PhoneFactor. — AM
Global cryptocurrency exchange CoinEx has disclosed being impacted by a cryptocurrency heist following the detection of anomalous withdrawals involving TRON, Polygon, and ETH coins across several of its wallets, reports The Record, a news site by cybersecurity firm Recorded Future.