Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
On Friday, March 24th, Twitter sent GitHub a copyright infringement notice, claiming some of the platform`s users leaked parts of their source code.
GitHub, the Microsoft-owned service for software developers, reacted promptly and took down the code the same day. According to researchers, the leaked code had been public for at least several months.
Twitter also urged GitHub to reveal the real identity of the FreeSpeechEnthusiast user who was behind the code leakage.
Please preserve and provide copies of any related upload / download / access history (and any contact info, IP addresses, or other session info related to same), and any associated logs related to this repo or any forks thereof, before removing all the infringing content from Github.
What`s at Risk
Since the Twitter source code was publicly available for months, hackers will have an easier task when hunting for security vulnerabilities. If threat actors put their minds to it, they could extract user data or even take down the site.
Tech companies usually try to thoroughly protect this kind of code. Sharing it can not only lead to revealing security vulnerabilities but also results in offering an advantage to competitors.
In the past, other tech giants, like Microsoft or Google were also victims of source code theft. Internal threats are one of the risk factors that companies constantly confront.
Twitter Source Code Leakage in Context
At the moment Twitter struggles in a turmoil of financial and structural challenges, as thousands of employees were either fired or resigned during the past months. Researchers suspect that the person who made the Twitter source code public on GitHub might be a disgruntled former employee.
Twitter began an investigation into the leak and executives handling the matter have surmised that whoever was responsible left the San Francisco-based company last year, two people briefed on the internal investigation said. Since Mr. Musk bought Twitter in October for $44 billion, about 75 percent of the company’s 7,500 employees have been laid off or resigned.
The incident happened just as Elon Musk announced they will make public the code that Twitter uses to recommend tweets.
Twitter will open source all code used to recommend tweets on March 31st
— Elon Musk (@elonmusk) March 17, 2023
This was going to happen by the end of March. The goal of making the code available to the public was that it could be reviewed by anyone and tested for vulnerabilities. The whole move was meant to help Twitter’s code become more secure.
And if you liked this article, follow us on LinkedIn, Twitter, Facebook, and YouTube for more cybersecurity news and topics.
