Twitter: function adminPanelShow() { if ( !isInOurVPN() ) throw logSecurityBreac... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

ransom1538 on July 17, 2020 | parent | context | favorite | on: Who’s behind Wednesday’s epic Twitter hack?

Twitter:

function adminPanelShow()

{

   if ( !isInOurVPN() ) 

      throw logSecurityBreach(); 

      

   if ( !isLoggedIn() ) 

      throw logSecurityBreach(); 

  
   slackSecurityChannel("AdminPanel Access: " + userName); 

   ... 

}

Thorrez on July 17, 2020 | [–]

Is it possible the attacker was in the VPN and logged in?

galacticaactual on July 17, 2020 | [–]

Do you know how account takeovers work?

ransom1538 on July 17, 2020 | [–]

You work in security. Sad.

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact