Online magazine Fast Company was the victim of a hack last night where their website was defaced. The website was taken down but you can see what that defacement looked like here. It appears the threat actors somehow gained login credentials that allowed them to access Fast Company’s Apple News account, which in turn allowed them to send out some vile and racist push notifications via Apple News. More on the latter in a moment. The threat actors also claimed to have accessed thousands of employee records, which they intended to share on a forum for trading information stolen in security breaches. If that’s true, that’s not good.
The company confirmed the hack took place via Twitter.
Apple reacted as well by turning off Fast Company’s Apple News account and saying this:
This story is sure to develop so if I learn more, I will share it here.
UPDATE: Mike Fleck, VP of Marketing for Cyren had this comment:
“As someone who has experienced a breach into a WordPress site, I can sympathize with Fast Company. After experiencing this, I have been a proponent of installing patches ASAP. It’s easy to rollback a patch if something breaks, it’s impossible to rollback a breach.”
“There is a tendency in the cybersecurity industry to focus on the latest technology like artificial intelligence. All organizations need to first master the basics. Know what systems you have, make sure they have the latest security patches, don’t use shared accounts, and enforce strong passwords and multi-factor authentication.”
Like this:
Like Loading...
Related
This entry was posted on September 28, 2022 at 8:30 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Fast Company Pwned By Hackers…. Forcing Apple To Disable Their Apple News Account
Online magazine Fast Company was the victim of a hack last night where their website was defaced. The website was taken down but you can see what that defacement looked like here. It appears the threat actors somehow gained login credentials that allowed them to access Fast Company’s Apple News account, which in turn allowed them to send out some vile and racist push notifications via Apple News. More on the latter in a moment. The threat actors also claimed to have accessed thousands of employee records, which they intended to share on a forum for trading information stolen in security breaches. If that’s true, that’s not good.
The company confirmed the hack took place via Twitter.
Apple reacted as well by turning off Fast Company’s Apple News account and saying this:
This story is sure to develop so if I learn more, I will share it here.
UPDATE: Mike Fleck, VP of Marketing for Cyren had this comment:
“As someone who has experienced a breach into a WordPress site, I can sympathize with Fast Company. After experiencing this, I have been a proponent of installing patches ASAP. It’s easy to rollback a patch if something breaks, it’s impossible to rollback a breach.”
“There is a tendency in the cybersecurity industry to focus on the latest technology like artificial intelligence. All organizations need to first master the basics. Know what systems you have, make sure they have the latest security patches, don’t use shared accounts, and enforce strong passwords and multi-factor authentication.”
Share this:
Like this:
Related
This entry was posted on September 28, 2022 at 8:30 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.