|
|
|
Syrian Electronic Army Hacks into Obama Campaign Staff Emails |
Si vous voulez bloquer ce service sur vos fils RSS
Si vous voulez nous contacter ou nous proposer un fil RSS
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Présentation : Yesterday, the Syrian Electronic Army announced that it had compromised the email accounts of several staff members of Organizing For Action OFA , a non-profit organization that also maintains the President s website barackobama.com , the President s Facebook, and the President s Twitter account barackobama . A screenshot posted by Official_SEA16 confirms the hack and indicates some OFA staff were conducting business using Gmail email accounts, hosted through Google Apps for Business. We accessed many Obama campaign emails accounts to assess his terrorism capabilities. They are quite high SEA pic.twitter.com ARgGLX8IjN SyrianElectronicArmy Official_SEA16 October 28, 2013 The attackers also compromised the URL shortening service that the President used to share links through social media ShortSwitch.com . The compromised links directed users to a video called Syria Facing Terrorism , hosted on YouTube, which has since been removed. We are working with OFA. Evidence suggests credentials were compromised elsewhere and used by unauthorized parties. Forensics ongoing... ShortSwitch shortswitch October 28, 2013 The Syrian Electronic Army may have targeted the Obama campaign the same way that they targeted The Onion satirical news site. The Onion published a write-up explaining how they were compromised earlier this year. In the write-up, they point to emails they received phishing attacks that redirected staff to fake Google Apps login pages. Many organizations use Google Apps for email and for other services. And many of these organizations have not yet enabled two-factor authentication Google calls this two-step verification a security feature that has been available in Google Apps since 2011. Two-factor authentication for email is an important security feature that should be enabled. In the scenarios such as the one above, two-factor authentication would have helped the staff members of OFA mitigate an attempt by hackers to obtain access to the Obama campaign s Google Apps email account. SEA Official_SEA16 on Obama social media hack BTW, they didn't even enabled 2-step verification http t.co VRF0bXqNdd Fran Berkman FranBerkman October 28, 2013 If you are a Google Apps administrator, Symantec Security Response recommends turning on the two-factor authentication feature. Follow these instructions to allow two-factor authentication 2-step verification . Google Apps administrators also have the option to enforce two-factor authentication, making it mandatory for all users of that domain. Please refer to Google s help page for how to enable this feature. Phishing attacks continue to evolve. All it takes is just one person in an organization to fall for a phishing scam to lower your security. Consider adding two-factor authentication to your Google Apps for Business account as well as incorporating regular user education training on security best practices for your employees. For more information on two-factor authentication see Why Email is a Key to Your Castle Webmail Security and Associated Best Practices
Les mots clés de la revue de presse pour cet article : obama
Les éléments de la revue Twitter pour les mots clé : obama
Les derniers articles du site "Symantec Connect Security Response Billets" :
- What you need to know about election apps and your personal data
- Microsoft Patch Tuesday April 2016
- New Adobe Flash Player exploit used by Magnitude and Nuclear exploit kits
- Latest Intelligence for March 2016
- New Flash zero-day exploited by attackers in the wild
- Samsam may signal a new trend of targeted ransomware
- Four tax scams to watch out for this tax season
- Most prevalent Android ransomware in the West arrives in Japan
- Taiwan targeted with new cyberespionage back door Trojan
- Seven Iranians charged in relation to cyberattacks against US
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Si vous voulez bloquer ce service sur vos fils RSS :
- avec iptables "iptables -A INPUT -s 88.190.17.190 --dport 80 -j DROP"
- avec ipfw et wipfw "ipfw add deny from 88.190.17.190 to any 80"
- Nous contacter par mail
| Mini-Tagwall des articles publiés sur SecuObs : | | | | sécurité, exploit, windows, attaque, outil, microsoft, réseau, audit, metasploit, vulnérabilité, système, virus, internet, usbsploit, données, source, linux, protocol, présentation, scanne, réseaux, scanner, bluetooth, conférence, reverse, shell, meterpreter, vista, rootkit, détection, mobile, security, malicieux, engineering, téléphone, paquet, trames, https, noyau, utilisant, intel, wishmaster, google, sysun, libre |
| Mini-Tagwall de l'annuaire video : | | | | curit, security, biomet, metasploit, biometric, cking, password, windows, botnet, defcon, tutorial, crypt, xploit, exploit, lockpicking, linux, attack, wireshark, vmware, rootkit, conference, network, shmoocon, backtrack, virus, conficker, elcom, etter, elcomsoft, server, meterpreter, openvpn, ettercap, openbs, iphone, shell, openbsd, iptables, securitytube, deepsec, source, office, systm, openssh, radio |
| Mini-Tagwall des articles de la revue de presse : | | | | security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone, server, inject, patch, apple, twitter, mobile, virus, ebook, facebook, vulnérabilité, crypt, source, linux, password, intel, research, virtual, phish, access, tutorial, trojan, social, privacy, firefox, adobe, overflow, office, cisco, conficker, botnet, pirate, sécurité |
| Mini-Tagwall des Tweets de la revue Twitter : | | | | security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall, network, twitter, vmware, windows, microsoft, compliance, vulnerability, python, engineering, source, kernel, crypt, social, overflow, nessus, crack, hacker, virus, iphone, patch, virtual, javascript, malware, conficker, pentest, research, email, password, adobe, apache, proxy, backtrack |
|
|
|
|
|
