wasc-whid@lists.webappsec.org

WASC Web Hacking Incidents Database


WHID 2011-50: Celebrity Ashton Kutcher Firesheep'd at TED Conference

WASC Web Hacking Incidents Database
Mon, Apr 25, 2011 1:08 PM

*Entry Title: *WHID 2011-50: Celebrity Ashton Kutcher Firesheep'd at TED
Conference
*WHID ID: *2011-50
*Date Occurred: *March 3, 2011
*Attack Method: *Stolen Credentials
*Application Weakness: *Insufficient Transport Layer Protection
*Outcome: *Session Hijacking
*Attacked Entity Field: *Web 2.0
*Attacked Entity Geography: *USA
*Incident Description: *High-profile celebrity Ashton Kutcher had his
Twitter account hijacked at the celebrity-infested Technology,
Entertainment, Design (TED) Conference, TED2011, in Long Beach, California,
on Wednesday.
Kutcher, best known for his role on the sitcom That '70s Show and, later, as
host of MTV's Punk'd prank show, found himself Punk'd Toorcon style, when an
unknown attacker hijacked an insecure Web session to post a message to
Kutcher's Twitter account, @aplusk.
"Ashton, you've been Punk'd. This account is not secure. Dude, where's my
SSL?" read the first message, which was posted around 17:30 Pacific Time on
Wednesday. A few moments later, another message went out to Kutcher's 6.4
million Twitter followers:
*Mass Attack: *No
*Reference: *
https://threatpost.com/en_us/blogs/celebrity-ashton-kutcher-firesheepd-ted-conference-030311
*Attack Source Geography: *
*Attacked System Technology: *Twitter
