So many media sites have a ton of JavaScript widgets: ad networks serving third-party ads serving third-party tracking scripts, recommendation tools, analytics, etc. It really increases the attack surface.<p>How do publishers know that the scripts that go on their pages are safe?
So if the most common way these hacker "groups" actually "hack" websites is through phishing attacks, how do we protect against phishing attacks in a way that will stop them? Obviously educating Martha the secretary to not click links in emails from people she doesn't know isn't working.<p>How can we make phishing attacks less successful or remove this attack style altogether? 9 times out of 10 when I hear about some major hack it's because of phishing.
So what are best guesses here? Weeks of surveillance and social engineering or a 0-day/unpatched software?<p>I just feel like these sites should be getting scanned daily by all kinds of frameworks like Metasploit, so an unpatched known vuln seems unlikely.<p>More likely is exploiting the employees with spear phishing or social engineering, or 0day. And of those three I'd have to lean towards 0day, if it truly was Syrians that did it.<p>And if they got SocialFlow at almost the same time I'm betting they were using something in common.<p>Though considering the post claims an employee account was hacked through phishing, maybe they had shared accounts for columnists or something.
In an ironic twist, the Syrian Electronic Army's website wins a Pulitzer for investigative reporting; Jeff Bezos replaces entire editorial staff with six hackers and a shell script.
The Washington Post also posted another good article about the hackers:<p>"The Post just got hacked by the Syrian Electronic Army. Here’s who they are."<p><a href="http://www.washingtonpost.com/blogs/the-switch/wp/2013/08/15/the-post-just-got-hacked-by-the-syrian-electronic-army-heres-who-they-are/" rel="nofollow">http://www.washingtonpost.com/blogs/the-switch/wp/2013/08/15...</a>
The "Syrian Electronic Army" is just rented Iranian hackers. They also have a large propaganda chorus you'll see in newspaper article comments, just like Gaddafi did, to give the illusion of popular support. They also steal citizen journalist videos of atrocities in Syria and then make up fake translations for them to paint the regime in the best light possible. Since most people never fact-check anything they see on YouTube, largely this strategy works. It's too late when the Guardian or Al Jazeera reveal the true translation weeks later; damage has already been done.<p>Shouldn't the Washington Post and other news agencies be running honeypots to catch these guys?
This same group got SocialFlow yesterday - <a href="http://www.ehackingnews.com/2013/08/socialflow-hacked-new-york-post.html" rel="nofollow">http://www.ehackingnews.com/2013/08/socialflow-hacked-new-yo...</a>