Syrian activist hack CNN, Time and The Washington Post
Posted by: Timothy Weaver on 08/16/2013 11:48 AM
[
Comments
]
CNN, Time mag and The Washington Post were each hacked yesterday. Syrian hacktivists claim they are the vandals responsible. The hacking was not directly targeted to those web sites, but to Outbrain - a marketing biz used by WashingtonPost.com, Time.com and plenty of others to provided links to related articles and stuff online.
Marc Gaffan, co-founder of web security firm Incapsula, explained: "The cause of the breach was actually performed by sending phishing emails to all Outbrain employees which caused them to surrender their email passwords. With access to employee email accounts the hackers were able to obtain or reset passwords to the admin areas of the content marketing platform, leading to the visible part of the breach."
"If Outbrain's admin areas had two-factor authentication enabled on them, this could have been prevented," he suggested.
Outbrain responded to the hack by temporarily suspending its services. A detailed timeline on how the compromise unfolded can be found here.
Marc Gaffan, co-founder of web security firm Incapsula, explained: "The cause of the breach was actually performed by sending phishing emails to all Outbrain employees which caused them to surrender their email passwords. With access to employee email accounts the hackers were able to obtain or reset passwords to the admin areas of the content marketing platform, leading to the visible part of the breach."
"If Outbrain's admin areas had two-factor authentication enabled on them, this could have been prevented," he suggested.
Outbrain responded to the hack by temporarily suspending its services. A detailed timeline on how the compromise unfolded can be found here.
Comments
