Blog Posts Tagged with "spear-phishing"
US Gas Pipeline Companies Under Major Cyber Attack
May 07, 2012 Added by:Headlines
“Analysis of the malware and artifacts associated with these cyber attacks has positively identified this activity as related to a single campaign from a single source. It goes on to broadly describe a sophisticated 'spear-phishing' campaign..."
Comments (0)
Nine Tips for CSOs to Get a Fresh Start this Spring
April 14, 2012 Added by:Jason Clark
With everything in the threat landscape changing so frequently, it’s important to reassess your current status and plan for the coming year, whenever we can come up for air. So, I came up with the following nine tips to help you get a fresh start this spring...
Comments (1)
Disclosures: How Much Sharing is Too Much?
February 15, 2012 Added by:Jack Daniel
What is the point of telling you I was compromised by spear phishing, SQL injection, cross site scripting, cross site request forgery, default credentials, or anything else we’ve know about for years? If you are ignoring all of the well-known risks, it is a waste of time...
Comments (0)
MSUpdater Trojan Smuggles Data as Windows Update Traffic
February 01, 2012 Added by:Headlines
"We don't have information about the people behind those attacks, however as all of them are targeting government-related organizations, it is highly reasonable to suspect that the attackers are high profile, maybe even a country..."
Comments (0)
Symantec: Chinese Connection to Attacks on Defense Contractors
January 27, 2012 Added by:Headlines
The data Symantec published reinforces evidence from an earlier investigation conducted by AlienVault, which described an orchestrated sprear-phishing campaign most likely targeting information on US drone technology which utilized malware-infected PDF documents to deliver the Sykipot payload...
Comments (0)
Federal Agencies Tap Online Trust Alliance for Training
November 17, 2011 Added by:Headlines
“Authentication is the front line defense... This program, supported by the White House, will help stem the tide of malicious and deceptive email. This is a great example of the public and private sector working together to increase end-to-end trust of our nation’s critical infrastructure..."
Comments (0)
Steam Attack Puts Users at Risk of Spear Phishing
November 16, 2011 Added by:Josh Shaul
A good implementation of salting before hashing can yield very secure results – however weak implementations that used fixed salt are not all that unusual, and those are quite easy to break. The stored credit card numbers were encrypted. It’s likely that these will be difficult to extract...
Comments (0)
Are You Cyber Savvy?
October 26, 2011 Added by:Joel Harding
What really set him apart was Social Engineering combined with his hacking. He did his research, he would study, he would probe, and then he would do whatever it took to get a password, to get a free account, to get root access, to get into a facility and physically touch the system...
Comments (0)
Email Authentication Rates Rise in 2011
October 05, 2011 Added by:Headlines
“The increased incidents of spear phishing targeting consumers, business and government users have accelerated the business value of email authentication. Organizations who fail to adopt are putting their employees, data and consumers at an unacceptable level of risk..."
Comments (0)
Spear-Phishing Operation Targets Senior US Officials
August 16, 2011 Added by:Headlines
"Victims get a message from an address of a close associate or a collaborating organization/agency, which is spoofed. The message is crafted to look like a subscription form offering to enter Gmail credentials to activate it..."
Comments (0)
Spear Phishing Leaves a Bloody Wound
July 19, 2011 Added by:Robert Siciliano
Once criminal hackers get a person’s username and email address, they can begin to launch a targeted spear phish scam. Scammers copy the design of each breached entities outgoing email campaign and blast the breached list with “account update” or other ruses...
Comments (0)
This Article Has Been Has Been Re-Hashed Re-Hashed
June 15, 2011 Added by:J. Oquendo
Targeted phishing, aka spearfishing attacks, have been noticed since 9/11 and no one seems to have gotten their act together to defend against this attack. The attack itself is almost always defendable with, and I have stated this over and over again, Extrusion Prevention...
Comments (0)
Chinese Hackers Spear-Phishing for US Military Secrets
April 24, 2011 Added by:Dan Dieterle
What could the Chinese hope to gain? Military secrets. Along with terabytes of data that have been stolen, the Chinese also obtained login credentials and blue prints to some of America’s hi-tech military equipment...
Comments (0)
Spear-Phishing Season Is Declared Open
April 09, 2011 Added by:PCI Guru
Post-Epsilon breach, it seems every merchant under the sun is notifying their customers of the expected onslaught of electronic mail messages asking for bank account and credit card numbers among other PII. As a result, a lot of credit card numbers will likely get exposed. Be prepared...
Comments (0)
Top Five Online Scams
March 16, 2011 Added by:Robert Siciliano
Phishing continues to become more sophisticated, more effective, and more prevalent. In one example, criminal hackers waited until Pennsylvania school administrators were on vacation, then used simple money transfers to liquidate over $440,000 out of the districts accounts...
Comments (1)
Canadian Treasury and Finance Systems Hacked
February 19, 2011 Added by:Headlines
Attackers used targeted spear-phishing methods to gain access to executive's computers,then produced fraudulent emails that were sent out to numerous department staff. The emails contained attachments infected with malware that would harvest data and transmit the information to the attackers...
Comments (0)
- Not Totally Sure What Just Happened...
- Has Anonymous Infiltrated the US Government?
- Big Opportunities in the Cloud
- Zeus Malware Targeting Facebook, Gmail and Yahoo Users
- Follow Up to the Out of Band Authentication Post
- Skype Malware Campaign Spreading Poison Ivy Trojan
- I Hope Edo is Worth the Privacy Risk
- Dutch MoD Innovation Competition 2012: CYBER Operations 2.0
- NIST Workshop: The Technical Aspects of Botnets
- Security Automation by Hand - Batch/Bash/FOR