Week in Review 17 October 2015 Detecting Spear Phishing Attacks that Slip Past Defenses (#PhishLabs) While desirable, blocking all threats in the Prevent phase is not achievable. Inevitably, a portion of email-based attacks will exhibit characteristics too similar to legitimate business activity to block or quarantine them prior to delivery into user inboxes. The objective…
Moker RAT Moves Out Wildly Across the Internet Infosecurity-magazine.com published news on 8th October, 2015, quoting security experts of Israeli cyber-security start-up enSilo as saying, “We have found a fresh Remote Access Trojan (RAT) in the wild dubbed Morker which is capable to take complete control of the victim’s computer”. According to enSilo, Moker is…
Dow Jones and Company Latest Financial Firm Hit With Data Breach The financial firm Dow Jones and Company announced late last week that it’s the latest in an exhaustive list of companies this year to report a data breach. The News Corp.-owned company informed customers Friday that hackers managed to infiltrate their system in an…
Cybercrime Week in Review 10 October 2015 Scottrade suffers hack; 4.6M customers notified of breach (ZDNet) The brokerage firm confirmed the attack, but said the focus of the attack was client contact details rather than financial information. VW’s ‘neat hack’ exposes danger of corporate software (TheGaurdian) For anyone interested in what is laughingly known as…
Cybercrime Week in Review 3 October 2015 Indian Hackers Deface Over 40 Pakistani Websites Hours After Two Indian Government Portals Were Hacked (Inquisitr) Hours after an Indian website was hacked by a Pakistani hacker, a wave of cyber attacks targeted at Pakistan have left dozens of Pakistani websites defaced or hacked. According to a report…
MailShark National Cyber Security 2015 Champion 1st October 2015 – MailShark today announced that it has become a Champion of National Cyber Security Awareness Month (NCSAM) 2015. It will be joining a growing global effort among colleges and universities, businesses, government agencies, associations, nonprofit organizations and individuals to promote online safety awareness. Celebrated every October,…
Post Office Email Scams Target Denmark, Drop Crypt0l0cker Ransomware The post office email scam is a time-tested method of attack among malicious actors. Indeed, when users see that they have received an email from an actor purporting to be their local post office, most of them buy into the familiarity of this governmental institution and…
Hotel Chain Hilton Worldwide Investigating Potential POS Breach Hilton Hotels and Resorts is reportedly looking into claims that some of its point-of-sale devices were compromised, some potentially as far back as November 2014. Security blogger Brian Krebs notes that Visa sent alerts to financial institutions warning of a breach from April 21 to July 27,…
Cybercrime Week in Review 26 September 2015 Introducing the Defensive Framework for Spear Phishing (PhishLabs) Spear phishing is the preferred attack method for advanced threat actors. Well-crafted spear phishing attacks easily slip past layers of defenses and target the only vulnerability that cannot be patched – people. The vast majority of headline data breaches in…
Malware program infects ATMs dispenses cash on command The GreenDispenser malware displays an error on the infected ATMs so that only criminals can use them Security researchers have discovered a new malware program that infects automated teller machines (ATMs) and allows attackers to extract cash on command.The program is dubbed GreenDispenser and was detected in…
