India PM Modi’s Twitter account ‘briefly compromised’; EU may okay Microsoft-Nuance deal; ‘Ubiquitous’ software flaw found

India’s Prime Minister Narendra Modi’s Twitter account was “briefly compromised” on Sunday, according to a statement from his office. Modi, whose handle @narendramodi has more than 73 million followers on Twitter, is among the most followed figures on the microblogging social media platform. Suspicions of a hack were prompted after a tweet was posted from his handle that claimed India had adopted Bitcoin as legal tender. India is set to introduce proposals in the parliament this month to ban private cryptos in the country and start a central bank digital currency. “The matter was escalated to Twitter and the account has been immediately secured. In the brief period that the account was compromised, any Tweet shared must be ignored,” the prime minister’s office tweeted from its handle @PMOIndia on Sunday. Prime Minister Modi’s account was "not compromised due to any breach of Twitter’s systems,” the company said, according to Economic Times. "There are no signs of any other impacted accounts at this time,” Twitter said, according to ET. A widely accessible software vulnerability was reported four days ago by researchers at Lunasec, an open-source data security company. The researchers are calling it Log4Shell, and they describe it as a ‘zero-day’ vulnerability found in software code called Log4j 2 that was “ubiquitous.” The piece of software is written in the hugely popular programming language Java that is used by businesses and organisations around the world. A zero-day exploit is one that people don’t know about but is known to the hackers who discovered it, so there are literally zero days to fix it, cybersecurity company Norton says on its website. As to Log4Shell, “Many, many services are vulnerable to this exploit. Cloud services like Steam, Apple iCloud, and apps like Minecraft have already been found to be vulnerable,” according to Lunasec’s blogpost. Computer emergency response teams in New Zealand, at Deutsche Telekom, and the Greynoise web monitoring service have all warned that attackers are actively looking for servers vulnerable to Log4Shell attacks, TechCrunch reports. Security patches are available for this vulnerability, but the Log4j’s popularity makes the flaw a serious problem. Meanwhile, a Microsoft Teams bug on Android phones prevented some users from making emergency calls in the US, according to a BBC report over the weekend. One user posted online that he was prevented from calling 911 — the emergency number in the US — when his grandmother may have been having a stroke, according to the report. Google was able to verify the bug itself and is working on a fix. "We believe the issue is only present on a small number of devices with the Microsoft Teams app installed when the user is not logged in, and we are currently only aware of one user report related to the occurrence of this bug," Google said. The rare glitch was caused by an "unintended interaction" between the Teams app and the Android operating system, according to the report. In more Microsoft news, the Windows software maker will get unconditional anti-trust regulatory approval in Europe for its $16 billion bid for artificial intelligence and speech technology company Nuance Communications, Reuters reports. This would be Microsoft’s second biggest purchase after its $26.2 billion LinkedIn purchase in 2016. The Nuance deal would boost Microsoft’s presence in cloud services for healthcare and it has already secured regulatory go ahead in the US and Australia, according to the news agency. Nuance is known for its pioneering speech technology and helping launch Apple's Siri virtual assistant. Its software is used by 77 percent of US hospitals, according to Reuters.