http://www.eweek.com/security/third-party-service-providers-scrutinized-after-seas-reuters-hack.html
By Robert Lemos
eWEEK.com
2014-06-25
One content provider's lapse in spotting the odd behavior of privileged
users allowed the Syrian Electronic Army cyber-propaganda group to deface
Reuters.com.
As popular cyber-attack targets continue to make progress in locking down
access to their networks and data, attackers searching for other ways to
compromise their targets have increasingly focused on another weak
point—third-party suppliers and contractors.
On June 23, hackers from the propaganda group known as the Syrian
Electronic Army redirected visitors to some Reuters articles to a
defacement page that berated the news organizations for "fake reports and
false articles about Syria." The attackers did not breach Reuters network,
however, but modified a content widget provided by Taboola, which normally
allows media sites to monetize their page views.
The SEA fooled one company employee, which the firm refers to as a "user,"
into giving up their password and then used the access to Taboola's
Backstage platform to change the header in the Reuters widget, the company
said in an analysis of the attack.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
