Seculert is reporting that Israeli organizations, including the Civil Administration of Judea and Samaria, have been compromised by spearphishers.  The attack emails masqueraded as  originating from Shin-Bet, the Israel Security Agency.  At least 15 computers were infected with Xtreme RAT, a form of remote access software that opens a back door for the attackers to access systems. Although the attack messages had clues that the messages were suspicious (suspicious email address, poor grammar), the attack again demonstrates that people processing email in an operational environment are not forensic engineers -- people are creatures of habit responding to clues of perceived [...]

Kevin Mandia, founder and COO of Mandiant, is joining the board of directors of PhishMe.  This follows the acquisition earlier this month of Mandiant, a leading cyber-forensics company, by FireEye, a leading anti-malware company.  In joining PhishMe, Mr. Mandia said, In today's adversarial environment, attackers are targeting people more so than computers. PhishMe is well positioned to not only help organizations manage their employees' behavior towards advanced attacks, but also convert their users into active human defenders. At Iconix we agree that targeting people is the problem. However, the case for the effectiviness of training has yet to be made. [...]

Earlier this month the Syrian Electronic Army compromised Microsoft's @MSFTNews twitter account.  At that time, the SEA said that this was not done attacking Microsoft. Today, the SEA  hacked the Microsoft Office Blog: How is the SEA able to compromise one of the leading technology companies in the world?  The SEA attacks the people using spearphising. ITWorld reports: "A social engineering cyberattack method known as phishing resulted in a small number of Microsoft employee social media and email accounts being impacted," a Microsoft representative said Thursday via email. "These accounts were reset and no customer information was compromised. We continue [...]

TechTimes is reporting that Neiman Marcus is apologizing for the security breach that compromised customers' financial data. The real news is that the malware whch infected their systems started operating in July 0f 2013 and was only contained last week!   More technical details were reported by Computerworld.  The malware was a variant of known malware.  The attackers modified the malware to evade detection.   Computerworld quotes from the research of iSIGHT: This software contains a new kind of attack method that is able to covertly subvert network controls and common forensic tactics, concealing all data transfers and executions that [...]

The theft of personal financial data of tens of millions of people from Target and Neiman Marcus is being widely reported in the press. Security experts suspect that the bad guys were able to convert credit card terminals into a giant botnet.  Writing on the IntelCrawler website,  IntelCrawler CEO Andrey Komarov wrote on December 5, 2013: The unique side of our case is that it is a real botnet with C&C functions, which is active close to half a year and controlled by a group of criminals which has a new type of Dexter. The infected PoS merchants are installed [...]

BankInfo Security is reporting on soon to be published research which demonstrates that training to help workers avoid clicking on links from spear-phishing e-mails is generally ineffective.  Report co-author Eric Johnson, a Vanderbilt University professor, told BankInfo Security: There's just something in there, even for the most astute security folks. When you get a link that looks like it's real, looks like it came from a friend, has a compelling message, it's very hard to pull the finger back from the mouse.   The research paper is available for purchase at the IEEE. Spearphishers deceive people into making bad email [...]

The Syrian Electronic Army rang in the New Year by compromising the social media accounts of Skype. It has yet to be determined how the SEA took control of Skype's accounts, but we know from previous SEA  attacks  (@barackobama, the U.S. Marines,  the Associated Press and others) that spearphishing is their tool of choice. Spearphishers deceive people into making bad email decisions that compromise security. IT needs to help employees make better email processing decisions. That is where SP Guard comes into play. Using SP Guard, IT can determine a list of trusted senders and provide this information to staff in a simple and highly [...]