Most Feared Cyberattack – Spearphishing

Bit9 recently released its 2012 Bit9 Cyber Security Research Report.  The report contains a survey of IT and Security Professionals which asks, "What  method of cyber attack are you most worried about?"  The answer -- spearphishing, with almost half of respondents identifying spearphishing as the threat that most concerns them. SP Guard from Iconix provides your staff with the ability to distinguish real email from spearphishing attacks.

2017-01-07T17:35:23-05:00April 27th, 2012|SP Guard, spear phishing|

Spearphishing Example – Spoofing FireEye

Hackers seeking to steal confidential information from Tibetan activists are using spearphishing emails to infiltrate systems.  Spearphishing occurs when hackers use socially engineered emails in order to deceive targeted email recipients into compromising their systems. In a textbook example of a spearphishing, reported by The Hacker News, hackers are pretending to send emails from the trusted security company FireEye.  This is an example of one of those fake FireEye emails: In order to prevent social engineering from deceiving the email recipient,  SP Guard from Iconix modifies the email client’s display to provide a visual indicator of the identity of the sender of email. [...]

2017-01-07T17:35:23-05:00April 20th, 2012|SP Guard, spear phishing|

Spearphishing Attack Exploits Spearphishing News

Hackers use socially engineered emails in order to deceive targeted email recipients into compromising their systems. In order for a socially engineered email to deceive, it must contain a call to action that is compelling to the recipient. A current attack on Tibetan organizations demonstrates how clever hackers are able to use the news -- even news that discloses attacks -- to create a compelling call to action. Two weeks ago, SC Magazine reported that hackers in China were sending highly targeted emails to organizations in Tibet. The spearphishing message used a Tibetan religious festival as the call to action. The [...]

2017-01-07T17:35:23-05:00April 13th, 2012|SP Guard, spear phishing|

An Ounce of Prevention Against APT

Antivirus software does not work against Advanced Persistent Threats. In the realm of Advanced Persistent Threats, the malware is targeted and designed for each intended victim. The attackers are hard at work creating new malware. According to Bit9: Furthermore, AV signature-based libraries are growing at 50,000 a day, with current libraries anywhere from 6 to 20 million signatures. At this pace, basing endpoint security solely on AV libraries is unsustainable in terms of sheer volume and efficient endpoint scanning – as well as a drain on IT resources. Some AV vendors now recommend downloading selective signature packs, belying the scalability problem. But more important is currency: No [...]

2017-01-07T17:35:23-05:00April 5th, 2012|SP Guard, spear phishing|

Global APT Threats

Our friends at Trend Micro have released a research report and an infographic that shows the global reach of espionage networks that use spearphishing to infiltrate computer networks.  Spearphishing is a malicious email that is targeted to the recipient that encourages the recipient to take an action that will compromise his system.  Trend Micro summarizes the problem: The number of targeted attacks has dramatically increased. Unlike largely indiscriminate attacks that focus on stealing credit card and banking information associated with cybercrime, targeted attacks noticeably differ and are better characterized as “cyber espionage.” Highly targeted attacks are computer intrusions threat actors [...]

2017-01-07T17:35:23-05:00April 2nd, 2012|SP Guard, spear phishing|