TVNewser FishbowlDC AgencySpy TVSpy LostRemote PRNewser SocialTimes AllFacebook 10,000 Words GalleyCat UnBeige MediaJobsDaily

Posts Tagged ‘SocialFlow’

Phishing Expedition Forces Outbrain to ‘Degrade Gracefully’ from WaPo, TIME, CNN

The terminology referenced in our headline comes straight from an afternoon Outbrain blog post explaining how the Syrian Electronic Army was able to briefly compromise the websites of the Washington Post, CNN and TIME:

At 10:23am ET, SEA took responsibility for hack of CNN.com, changing a setting through Outbrain’s admin console to label Outbrain recommendations as “Hacked by SEA.”

At 10:34am Outbrain internal staff became aware of the breach.

By 10:40am Outbrain network operations began investigating and decided to shut down all serving systems, degrade gracefully and block all external access to the system…

Read more

Mediabistro Course

Get a Literary Agent

Get a Literary AgentStarting August 6, learn how to find the right agent for your book and write a query that will get the deal done! Taught by Barbara Clark, a book agent and publishing consultant, you will learn the best methods for finding a literary agent, the proper protocol and etiquette for seeking literary representation, how to send queries and more. Register now!

New York Post Social Media Accounts Briefly Hacked

So how does the Syrian Electronic Army do it? The latest victims of the group’s social-media hacking ways, per a report on computerworlduk.com, were the New York Post‘s Facebook page, several individual newspaper reporter Twitter feeds and the Facebook/Twitter pages of social media management company SocialFlow.

Order at both ends has been restored after the Tuesday breaches; the connection here is that the Post uses SocialFlow’s dashboard to manage its accounts. Computer security expert Graham Cluley suggests that the Army relied on their same old tricks:

Chances are that Post and SocialFlow fell victim to the Syrian Electronic Army via the group’s normal method of attack – emailing staff at one media organization with a forged “sent” address in the email header, linking to what claims to be a breaking news story that the recipient should check out. Clicking on the link then takes users to a phishing site where passwords are stolen.

Read more