"They are going after media, because they want to propagate their message," said Jason Lancaster(, a senior analyst at HP Security Research). "When they attack media organizations, even if they are not successful, their message is, in a way, still being propagated."In most cases, the hackers used simple phishing techniques to gain userIDs and log-in passwords, then exploiting the limited security of social media and internal computer networks.
The breaches have demonstrated that many of the third-party widgets, plugins, and Web services used by media companies come with inherent risks. Publishers' pages are a mashup of a variety of third-party content, making the security of any displayed page reliant on the weakest link in the Web supply chain, says Chris Wysopal, chief technology officer of Veracode, an application-security firm.Just what we need...
"These websites pull ads and widgets from all over the place," he says. "People have no idea where all this data is coming from. I don't think a lot of people have thought about this threat model."
Another reason not to believe everything you read...
Source - How Hacktivists Have Targeted Major Media Outlets, dark reading
No comments:
Post a Comment