FishbowlDC TVNewser TVSpy LostRemote AgencySpy PRNewser GalleyCat SocialTimes

Posts Tagged ‘SocialFlow’

Phishing Expedition Forces Outbrain to ‘Degrade Gracefully’ from WaPo, TIME, CNN

The terminology referenced in our headline comes straight from an afternoon Outbrain blog post explaining how the Syrian Electronic Army was able to briefly compromise the websites of the Washington Post, CNN and TIME:

At 10:23am ET, SEA took responsibility for hack of CNN.com, changing a setting through Outbrain’s admin console to label Outbrain recommendations as “Hacked by SEA.”

At 10:34am Outbrain internal staff became aware of the breach.

By 10:40am Outbrain network operations began investigating and decided to shut down all serving systems, degrade gracefully and block all external access to the system…

Read more

Mediabistro Course

Middle Grade Novel Writing

Middle Grade Novel WritingStarting January 15, work with a literary agent to write your middle-grade novel! In this course, you'll learn how to develop strong characters, write compelling dialogue, master the art of revision, and market your work to publishing houses and agents. Register now!

New York Post Social Media Accounts Briefly Hacked

So how does the Syrian Electronic Army do it? The latest victims of the group’s social-media hacking ways, per a report on computerworlduk.com, were the New York Post‘s Facebook page, several individual newspaper reporter Twitter feeds and the Facebook/Twitter pages of social media management company SocialFlow.

Order at both ends has been restored after the Tuesday breaches; the connection here is that the Post uses SocialFlow’s dashboard to manage its accounts. Computer security expert Graham Cluley suggests that the Army relied on their same old tricks:

Chances are that Post and SocialFlow fell victim to the Syrian Electronic Army via the group’s normal method of attack – emailing staff at one media organization with a forged “sent” address in the email header, linking to what claims to be a breaking news story that the recipient should check out. Clicking on the link then takes users to a phishing site where passwords are stolen.

Read more