Neiman Marcus Exploit – 60,000 Warnings Ignored

is reporting that during the 3 1/2 month cyberattack on Neiman Marcus, over 60,000 alarms were triggered that were ignored by Neiman Marcus cybersecurity experts. Ginger Reeder, a spokeswoman for Neiman Marcus, says the hackers were sophisticated, giving their software a name nearly identical to the company’s payment software, so any alerts would go unnoticed amid the deluge of data routinely reviewed by the company’s security team. “These 60,000 entries, which occurred over a three-and-a-half month period, would have been on average around 1 percent or less of the daily entries on these endpoint protection logs, which have tens [...]

February 25th, 2014 | Cybersecurity - General

Syrian Electronic Army Strikes Again – Infiltrates Forbes

The Syrian Electronic Army infiltrated Forbes. According to Re/code, the SEA defaced the Forbes website, issued fake Twitter messages and stole a million user account names and passwords. How could the SEA do this? Forbes answers that question: A hacker, perhaps more than one, gained access to our publishing platform through spear phishing ... Spearphishers deceive people into making bad email decisions that compromise security. IT needs to help employees make better email processing decisions. That is where SP Guard comes into play. Using SP Guard, IT can determine a list of trusted senders and provide this information to staff in a simple and highly [...]

February 19th, 2014 | SP Guard, spear phishing

On Target – 110 Million People Compromised With One Spearphishing Email

The compromise of credit card and personal data from the Target attack has been widely reported. You might even be a victim -- some of us at Iconix were victims! The attack has now been traced back to one of Target's vendors -- Fazio Mechanical. Fazio Mechanical has issued a statement in which it explains that it was “the victim of a sophisticated cyber attack operation.” "Sophisticated cyber attack operation" -- what could that be? The mind conjures up images of a James Bond-like infiltration of their systems. In fact, it was the most reliable trick in the cyber-bad guy book -- [...]

February 13th, 2014 | SP Guard, spear phishing

Kaspersky Finds “The Mask” Malware

In a further demonstration of the two most important cyber espionage facts, Infiltration Is Easy and Detection Is Hard, Kaspersky has uncovered malware it terms "The Mask." Security Week reports: Powerful and difficult to detect, Careto intercepts all the communication channels and collects the most vital information from the victim’s system. Detection is extremely difficult because of its stealth rootkit capabilities, and in addition to built-in functionalities, the attackers can upload additional modules which can perform virtually any function. So far, attacks have been seen using multiple vectors, including an Adobe Flash Player exploit that targets CVE-2012-0773, a vulnerability patched by [...]

February 11th, 2014 | SP Guard, spear phishing

Zombies Attack – Hackers Take Over Emergency Broadcast System

"Civil authorities in your area have reported that the bodies of the dead are rising from their graves and attacking the living." Thus began a warning from the emergency broadcast system. How could this have happened? Because the TV station never changed the default factory login credentials. How hard is it to find these default login credentials? The default login credentials are published on the manufacturer's website. It isn't always this easy to steal credentials -- but almost. Bad guys have figured out that employees have credentials -- and that it is easy to steal these credentials [...]

February 10th, 2014 | SP Guard, spear phishing

People are the soft chewy center of the security landscape

The Syrian Electronic Army successfully infiltrated CNN. The SEA posted fake content on @CNN, @NatlSecurityCNN, @CNNSitRoom, @CNNPolitics, CNN's official Facebook page, CNN's Security Clearance blog and CNN's Political Ticker blog. This demonstrated the SEA's ability to infiltrate organizations at will. Mashable is reporting that soon after seeing CNN reports critical of the Assad regime, the SEA decided to hack CNN. Soon after making this decision, the SEA seized the assets listed above. How do they do it? Spearphishing. Mashable quotes Dave Lewis, a security advocate at Akamai Technologies: People are the soft chewy center of the security landscape. If you can't [...]

February 3rd, 2014 | SP Guard, spear phishing