Iconix Whitepaper – Defending Against Advanced Persistent Threats

Today Iconix released a whitepaper entitled, “Defending Against Advanced Persistent Threats.” As the whitepaper describes, the United States, its allies and its industries are engaged in cyber warfare.  A leaked secret State Department cable describes a cyberwarfare attack: Since late 2002, USG organizations have been targeted with social-engineering online attacks by BC [Byzantine Condor] actors. … BC actors typically gain initial access with the use of highly targeted socially engineered e-mail messages, which fool recipients into inadvertently compromising their systems [spear-phishing]. The intruders then install malware such as customized keystroke-logging software and command-and-control (C&C) utilities onto the compromised systems and exfiltrate [...]

2017-01-07T17:35:28-05:00May 31st, 2011|SP Guard, spear phishing|

Target – The Human

“Target – The Human” in the May 2011 issue of Information Security provides a detailed discussion of the social engineering schemes that are being used to compromise data processing systems. The article quotes Shawn Moyer, managing principal research consultant with Accuvant LABS R&D team: A common mistake enterprise security managers make is focusing on infrastructure and system defenses instead of people. A lot of defenders still think in terms of an attacker on the Internet externally trying to find a way in. … The reality is, if I’m the outside threat, I find an insider and that insider becomes your [...]

2017-01-07T17:35:28-05:00May 25th, 2011|SP Guard, spear phishing|

Iconix Whitepaper –– Phishing Training – A Losing Cyberwar Strategy

Today Iconix released a whitepaper entitled, “Phishing Training – A Losing Cyberwar Strategy.” As the whitepaper describes, the United States, its allies and its industries are engaged in cyber warfare.  A leaked secret State Department cable describes a cyberwarfare attack: Since late 2002, USG organizations have been targeted with social-engineering online attacks by BC [Byzantine Condor] actors. ... BC actors typically gain initial access with the use of highly targeted socially engineered e-mail messages, which fool recipients into inadvertently compromising their systems [spear-phishing]. The intruders then install malware such as customized keystroke-logging software and command-and-control (C&C) utilities onto the compromised systems [...]

2017-01-07T17:35:28-05:00May 18th, 2011|SP Guard, spear phishing|

Sony PSN email Scam

Electronic Theatre, the gaming publication, reports that scams arising from the security breach of the Sony Playstation Network (PSN) have started. Electronic Theatre reports that soon after the PSN network was compromised, Sony sent out a real email warning.  On May 4, 2011, members to the Electronic Theatre team started receiving additional warning emails which were almost identical to the original messages -- except this time the email contained a link to reset your password.  The password reset page is actually a scam intended to steal your personal information.  While Electronic Theatre does not believe that these email criminals are the same people [...]

2017-01-07T17:35:28-05:00May 13th, 2011|Iconix Truemark Service, Phishing|

Malicious Software Features Usama bin Laden Links to Ensnare Unsuspecting Computer Users

The FBI today (May 3, 2011) issued a warning about emails that feature Usama bin Laden photos or videos but which actually contain malware that will infect your computer.  The FBI warns that viruses are often programmed to steal your personally identifiable information. The FBI offers this advice: Adjust the privacy settings on social networking sites you frequent to make it more difficult for people you know and do not know to post content to your page. Even a “friend” can unknowingly pass on multimedia that’s actually malicious software. Do not agree to download software to view videos. These applications [...]

2017-01-07T17:35:28-05:00May 3rd, 2011|Consumers and Email, Phishing|