Flame – Malware on Steroids

Flame is in the news.  What is Flame?  It is a large piece of malware that is used to spy on its victims.  Flame takes numerous cyberspying techniques and packages them together into a comprehensive suite of bad news.  Flame can record keystrokes, screen shots and SKYPE sessions.  It can turn on your microphone and listen in on conversations.  It can hijack bluetooth devices. You can watch a discussion about Flame between a former CIA official and a security expert on the PBS Newshour. Flame also demonstrates the general problem with anti-virus.  Until the malware is identified, it operates undetected. [...]

2017-05-23T14:50:02-04:00May 31st, 2012|SP Guard, spear phishing|

Top Five Spearphishing Scams

KnowBe4 has released information about the most widespread spearphishing scams targeting businesses. Spearphishing is the hacking technique in which highly targeted socially engineered emails are sent to a very small number of people.  The purpose of a spearphishing email is to deceive the recipient into taking an action, such as following a link or opening an attachment, that will compromise the security of the recipient's systems. KnowBe4 cites these five scams: 5. Better Business Bureau Complaint – The recipient receives an official-looking email that is made it appear the Better Business Bureau.  The recipient is instructed to click on a [...]

2017-01-07T17:35:23-05:00May 25th, 2012|SP Guard, spear phishing|

Spearphishing Attacks U.S. Gas Pipelines

In a story first reported by The Christian Science Monitor, The United States Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued a warning about an active "spear phishing" campaign targeting companies in the natural gas pipeline sector. The article cites an April 13 confidential ICS-CERT alert: ICS-CERT has recently identified an active series of cyber intrusions targeting natural gas pipeline sector companies.  Multiple natural gas pipeline organizations have reported either attempts or intrusions related to this campaign. The campaign appears to have started in late December 2011 and is active today. The public ICS-CERT report states: Analysis shows [...]

2017-01-07T17:35:23-05:00May 10th, 2012|SP Guard, spear phishing|

British Defense Firms Targeted in Spearphishing Attack

ZDNet UK is reporting that British defense firms are being targeted by spearphishing attacks. Cabinet Office Minister Francis Maude Discloses SpearphishingPhoto credit: BIS Cabinet Office Minister Francis Maude stated that British defense contractors were being targeted by a sophisticated campaign that uses highly targeted emails to compromise systems.  The Minister announced that these attacks had been identified through a data sharing arrangement between business and government under the new UK cybersecurity strategy that was announced in November of 2011. The Minister noted, "UK government networks continue to be regularly targeted by foreign intelligence agencies, or groups working on their [...]

2017-01-07T17:35:23-05:00May 4th, 2012|SP Guard, spear phishing|