Syrian Electronic Army Hacked Tango Chat App; Is Your Site Next?: " . . . The biggest entry point for hackers, and the hardest to secure, is attack by social engineering. For example, one employee of The Onion was fooled by a phishing message into entering Google Apps credentials on a bogus site. Those credentials gave hackers access to all of The Onion's social media accounts. They also used the hacked account to broadcast a second phishing attack to more of the staff. You need a multi-layered defense against this kind of attack. Create and enforce a policy that all employees must use strong passwords. Educate them on how to spot fraudulent email messages, and what to do with links in emails (don't click them!). Limit your potential losses by giving each employee access to only those accounts and resources needed for the job. And be prepared for the eventuality that despite all your precautions, some schmo will fall for a phishing message and thereby compromise your site. . . ."
more news below