Approximately 560,000 people were affected by Vulnerability-related.DiscoverVulnerability a flaw in the script used to migrate followers to the new archival handles . `` If you were following @ POTUS before 12pET , by end of day you 'd be following * two * accounts : @ POTUS44 ( 44th Admin ) and @ POTUS ( 45th Admin ) , '' Dorsey tweeted . Dorsey apologized for Vulnerability-related.DiscoverVulnerability the mistake , and said Twitter has worked to correct Vulnerability-related.PatchVulnerability the issue . He did add , however , that the Obama Administration felt it was fair to automatically migrate followers after the transition , since @ POTUS is an institutional account . One of the most visible transfers of executive power happened today on Twitter . The official @ POTUS account was handed off to President Trump , and former-President Obama re-assumed his personal handle , @ BarackObama . ( Trump predictably continued to tweet from his personal account long into the inauguration , however . ) Michelle and I are off on a quick vacation , then we 'll get back to work . But some Twitter users are complaining that despite never following @ POTUS in the first place , the presidential handle is suddenly showing up in their timelines . Somehow , they claim , Twitter had automatically followed it for them . Folks : Check if you 're following GraemeJanuary 21 , 2017 `` I specifically UNFOLLOWED this account earlier today . Yet now I am following it again without having resubscribed , '' one user tweeted . `` @ POTUS turned up in my feed despite me not following , willingly or otherwise , '' said another person . A spokesperson for Twitter told Motherboard they could n't comment on these specific claims , but said that post-inauguration , Twitter automatically migrated the followers of @ POTUS over to the newly created @ POTUS44 account , which acts as an archive for President Obama 's tweets . The same was done for @ FLOTUS44 , belonging to Michelle Obama , and @ VP44 , belonging to former-Vice President Biden . As you can see , both versions have somewhat similar follower counts .

In a string of attacks that have escalated over the past 48 hours , hackers are actively exploiting a critical vulnerability that allows them to take almost complete control of Web servers used by banks , government agencies , and large Internet companies . The code-execution bug resides in Vulnerability-related.DiscoverVulnerability the Apache Struts 2 Web application framework and is trivial to exploit . Although maintainers of the open source project patched Vulnerability-related.PatchVulnerability the vulnerability on Monday , it remains under attack by hackers who are exploiting it to inject commands of their choice into Struts servers that have yet to install the update , researchers are warning Vulnerability-related.DiscoverVulnerability . Making matters worse , at least two working exploits are publicly available . `` We have dedicated hours to reporting to companies , governments , manufacturers , and even individuals to patch Vulnerability-related.PatchVulnerability and correct the vulnerability as soon as possible , but the exploit has already jumped to the big pages of 'advisories , ' and massive attempts to exploit the Internet have already been observed . '' Researchers at Cisco Systems said they are seeing a `` high number of exploitation events '' by hackers attempting to carry out a variety of malicious acts . One series of commands that attackers are injecting into webpages stops the firewall protecting the server and then downloads and executes malware of the attacker 's choice . The payloads include `` IRC bouncers , '' which allow the attackers to hide their real IP address during Internet chats ; denial-of-service bots ; and various other packages that conscript a server into a botnet . `` These are several of the many examples of attacks we are currently observing and blocking , '' Cisco 's Nick Biasini wrote . `` They fall into two broad categories : probing and malware distribution . The payloads being delivered vary considerably , and to their credit , many of the sites have already been taken down and the payloads are no longer available . '' The vulnerability resides in Vulnerability-related.DiscoverVulnerability what 's known as the Jakarta file upload multipart parser , which according to official Apache Struts 2 documentation is a standard part of the framework and needs only a supporting library to function . Apache Struts versions affected by Vulnerability-related.DiscoverVulnerability the vulnerability include Struts 2.3.5 through 2.3.31 , and 2.5 through 2.5.10 . Servers running any of these versions should upgrade to Vulnerability-related.PatchVulnerability 2.3.32 or 2.5.10.1 immediately . It 's not clear why the vulnerability is being exploited Vulnerability-related.DiscoverVulnerability so widely 48 hours after a patch was released Vulnerability-related.PatchVulnerability . One possibility is that the Apache Struts maintainers did n't adequately communicate the risk . Although they categorize Vulnerability-related.DiscoverVulnerability the vulnerability security rating as high , they also describe Vulnerability-related.DiscoverVulnerability it as posing a `` possible remote code execution '' risk . Outside researchers , meanwhile , have said the exploits are trivial to carry out , are highly reliable , and require no authentication . It 's also easy to scan the Internet for vulnerable servers . It 's also possible to exploit the bug even if a Web application does n't implement file upload functionality . Update 3/9/2017 10:07 California time : In a comment to this post , Ars Technology Editor Peter Bright provides Vulnerability-related.PatchVulnerability a much more plausible explanation for the delay in patching Vulnerability-related.PatchVulnerability this highly critical vulnerability . Most bug fixes Vulnerability-related.PatchVulnerability , he pointed out , require downloading and installing a patch , possibly rebooting a machine , and being done with it .

A generic wireless camera manufactured by a Chinese company and sold around the world under different names and brands can be easily hijacked and/or roped into a botnet . The flaw that allows this to happen is found Vulnerability-related.DiscoverVulnerability in a custom version of GoAhead , a lightweight embedded web server that has been fitted into the devices . This and other vulnerabilities have been found Vulnerability-related.DiscoverVulnerability by security researcher Pierre Kim , who tested one of the branded cameras – the Wireless IP Camera ( P2P ) WIFICAM . The extensive list of devices affected by Vulnerability-related.DiscoverVulnerability the flaw in the custom embedded web server can be found Vulnerability-related.DiscoverVulnerability here , and includes 1250+ camera models from over 300 vendors , including D-Link , Foscam , Logitech , Netcam , and Polaroid . “ This vulnerability allows an attacker to steal credentials , ftp accounts and smtp accounts ( email ) , ” Kim noted Vulnerability-related.DiscoverVulnerability . He also shared Vulnerability-related.DiscoverVulnerability a PoC exploit that leverages the flaw to allow an attacker to achieve root shell on the device . Other vulnerabilities present Vulnerability-related.DiscoverVulnerability include a RTSP server running on the camera ’ s TCP 10554 port , which can be accessed without authentication , allowing attackers to watch what the camera streams . There is also a “ cloud ” functionality that is on by default , through which the camera can be managed via a mobile Android app . The connection between the two is established through UDP , and will be automatically established to any app that “ asks ” if a particular camera is online . Effectively , the attacker just needs to know the serial number of the device . The established UDP tunnel can also be used by the attacker to dump the camera ’ s configuration file in cleartext , or to bruteforce credentials . “ The UDP tunnel between the attacker and the camera is established even if the attacker doesn ’ t know the credentials , ” Kim noted . “ It ’ s useful to note the tunnel bypasses NAT and firewall , allowing the attacker to reach internal cameras ( if they are connected to the Internet ) and to bruteforce credentials . Then , the attacker can just try to bruteforce credentials of the camera ” . Kim advises owners of these devices to disconnect them from the Internet . A simple search with Shodan revealed Vulnerability-related.DiscoverVulnerability that there are 185,000+ vulnerable cameras out there , ready to be hijacked . The vulnerabilities are not in GoAhead , but the custom version of the web server developed by the Chinese OEM vendor , so EmbedThis – the company that develops GoAhead – can do nothing to fix Vulnerability-related.PatchVulnerability this . Interestingly enough , SecuriTeam revealed Vulnerability-related.DiscoverVulnerability today the existence of an arbitrary file content disclosure Vulnerability-related.DiscoverVulnerability vulnerability affecting Vulnerability-related.DiscoverVulnerability older versions of the GoAhead web server . Discovered Vulnerability-related.DiscoverVulnerability by independent security researcher Istvan Toth , the vulnerability can be triggered by sending a malformed request to the web server , and it will disclose device credentials to the attacker in clear text . “ The GoAhead web server is present on multiple embedded devices , from IP cameras to printers and other embedded devices , ” SecuriTeam explained , and urged owners to remove the device from the network , “ or at the very least not allow access to the web interface to anyone beside a very strict IP address range ”