![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
The Syrian Electronic Army hacks the RSA conference web site
RSA is a security firm that came out with those little electronic dongles that provides people with an ever-changing one-time password. Impressive tech, but they've been compromised before. This time, the SEA used a JavaScript exploit combined with spearphishing to compromise a web site analytics company, they track clicks and where people come from and stuff like that. So instead of seeing a video where a security researcher talks about exploiting trust relationships and says the SEA are like cockroaches scurrying through the undergrowth of the internet, you get a message from the SEA saying that he's the cockroach.
And the exploit happened exactly how the video described how it was usually done.
http://krebsonsecurity.com/2014/05/complexity-as-the-enemy-of-security/
Krebs goes on to point out that thus far, the SEA has only been doing its hacks for propaganda, whereas criminals use the same techniques to compromise servers to dish out malware. He also describes some techniques for making your computer a safer place.
http://krebsonsecurity.com/tools-for-a-safer-pc/
And the exploit happened exactly how the video described how it was usually done.
http://krebsonsecurity.com/2014/05/complexity-as-the-enemy-of-security/
Krebs goes on to point out that thus far, the SEA has only been doing its hacks for propaganda, whereas criminals use the same techniques to compromise servers to dish out malware. He also describes some techniques for making your computer a safer place.
http://krebsonsecurity.com/tools-for-a-safer-pc/
no subject