Phishing
Bore Them With Death-by-Awareness: That’ll Teach em!
May 08, 2013 Added by:Lee Mangold
As security professionals, we have to understand that not everyone has a passion for security. In fact, most people don’t. Given that we know “they” don’t share our passion, and we know they are the most vulnerable attack vector, why do we continue to bore them with homogenous and irrelevant training?
Comments (0)
What Security Risks Do Healthcare Organizations Face?
May 06, 2013 Added by:Michael Fornal
Today, hospitals and healthcare organizations face many risks that they didn’t have to deal with until few years ago. This ever growing list of risks includes social engineering, redundant applications, within a network and keeping patient files secure and confidential but yet available and escalation of privileges.
Comments (0)
Could the AP Twitter Hack Have Been Prevented?
April 26, 2013 Added by:Gianluca Stringhini
This is the first time that people realize that Tweets can have a large effect on financial institutions. The question that people are asking is: could this compromise have been avoided?
Comments (0)
Don’t Let Your Guard Down: Tragedies Pave Way for Phishing Attacks
April 16, 2013 Added by:Jake Garlie
Tragic events such as what happened during the Boston Marathon creates an opportunity for attackers in the digital world as well. With everyone scrambling for more information, the success rate of a phishing attack at this time can skyrocket.
Comments (0)
So APT Is China *snicker* Now What?
February 28, 2013 Added by:Krypt3ia
As RSA comes to a close and the corridors of the hall stop ringing with the acronym APT, I find myself once again looking at the problem as opposed to the hype.
Comments (0)
Latest Adobe Zero-day is Serious Business
February 14, 2013 Added by:Mike Lennon
The exploits have been seen in extremely targeted attacks against high profile targets, and are a sophisticated effort that appear to be the first to successfully escape Adobe’s “protected mode” sandbox. Make no mistake about it; this attack is serious business and not the work of amateurs.
Comments (0)
New York Times Says It Was Infiltrated By Chinese Hackers
January 31, 2013 Added by:Infosec Island
The New York Times said it had fallen victim to hackers possibly connected to China's military, linking the sophisticated attacks to its expose of the vast wealth amassed by Premier Wen Jiabao's family.
Comments (0)
Resource: Defeating Advanced Persistent Threat Malware
January 29, 2013 Added by:Infosec Island
Attacks can come from anywhere. Even more daunting is that not all malware is alike. Learn about battling advanced threats and the progressive strategies to battle malware from this new white paper.
Comments (0)
Turkey – Another story on use of fraudulent digital certificates
January 04, 2013 Added by:Pierluigi Paganini
It’s the news of the day, a fraudulent digital certificate that could be used for active phishing attacks against Google’s web properties. Using the certificate it is possible to spoof content in a classic phishing schema or perform a man-in-the-middle attack according Google Chrome Security Team and Microsoft experts.
Comments (0)
Fraud Files: Pay Later, Pilfer Now
December 18, 2012 Added by:Kelly Colgan
Services such as BillMeLater, a PayPal company that allows customers to make purchases on credit after a simple sign-up process and credit check, have created an identity theft trend and left victims fighting to clear their names...
Comments (0)
Do Better Technical Controls Increase People Focused Attacks?
December 16, 2012 Added by:Simon Moffatt
Social engineering can be seen as a more direct approach to exposing real security assets such as passwords, processes, keys and so on. Via subtle manipulation, carefully planned framing and scenario attacks, through to friending and spear phishing, people are increasingly becoming the main target...
Comments (0)
Why I'm Upset About the S.C. Department of Revenue Breach
December 04, 2012 Added by:Kelly Colgan
I’m a South Carolina taxpayer, and therefore, a potential victim of the massive South Carolina Department of Revenue Breach. I work in the identity theft and data risk industry, so when I heard about how everything was being handled and what was being offered, I was upset...
Comments (2)
Weaponizing the Nokia N900 – Part 4.0 – A Three Year Anniversary!
November 25, 2012 Added by:Kyle Young
I still believe the best phone for hackers is the Nokia N900 and it is a shame that Nokia decided to go the way of Microsoft. I personally believe that Nokia should have gone the route of an Android/Linux hybrid mobile operating system, but that’s just my opinion...
Comments (1)
Money Laundering Scenes In -The Digital World
November 20, 2012 Added by:gaToMaLo r. amores
By denying terrorist and criminals groups access to their money, authorities can stop them buying munitions and paying for suicide bombers. This approach has been highly successful in identifying and dismantling terrorist networks. Now they need to adapt and learn how this new DC works because it cannot be stopped...
Comments (1)
False Flag Phishing
November 15, 2012 Added by:Alan Woodward
There is a form of phishing becoming more common on Twitter that is likely to fool even the most suspicious of users. I very nearly fell for it myself. What stopped me? Unlike me, the person who purportedly sent me the message doesn’t make the sort of spelling mistakes that were in the message...
Comments (0)
Russian Underground is just part of a global criminal network
November 01, 2012 Added by:Pierluigi Paganini
Programming services and software sales was the most common service in the criminal market, where it is possible to buy customized malware agents and any kind of applications to conduct a cyber attack such as spammers, brute-force tools and DDoS bots and exploit toolkits...
Comments (0)
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform