The night we spent without control of our Twitter account.

Fly.io offers insights into edge computing, serverless architecture, and global content delivery network (CDN), providing documentation, tutorials, and best practices for deploying and scaling applications at the network edge. By exploring Fly.io's curated content, developers can learn about Fly's edge computing platform, distributed application runtime, and HTTP/2 load balancing for building fast, secure, and scalable web applications. Whether you're optimizing latency for global users, offloading compute-intensive tasks, or deploying microservices, Fly.io offers resources to supercharge your application performance and reliability.

Fly.io

Fly.io's CEO fell victim to a sophisticated phishing attack that compromised their Twitter account for 15 hours. The attacker exploited psychological vulnerabilities by sending a fake alert about a questionable post, prompting the CEO to log in through a fake domain. The incident highlights why phishing-resistant authentication (like FIDO2 and Passkeys) is essential, as training alone cannot prevent all phishing attempts. The company's infrastructure remained secure because it uses SSO with phishing-proof MFA, but their Twitter account was a legacy shared credential managed through 1Password. The attack resulted in a crypto scam post and temporary brand damage, but no user data was compromised.

Kurt Got Got