RSA Conference Hacked by Syrian Electronic Army

In March of this year, the RSA Conference was held in San Francisco. During that conference, security expert Ira Winkler belittled the hacking skills of the Syrian Electronic Army (SEA) and called them "the cockroaches of the Internet." Brian Krebs is now reporting that soon after Winkler's comments were posted online, the SEA commandeered the RSA Conference website. How did they do it? They determined that the RSA Conference website was hosted by a third party provider which used an analytics package called "Lucky Orange." Lucky Orange communicates with a server hosted by codoro.com.  The SEA spearphished the employees of [...]

2017-01-07T17:35:15-05:00May 28th, 2014|Cybersecurity - General, SP Guard, spear phishing|

eBay Breach — How?

If you have an eBay account, you have probably been notified that eBay has been breached and you should change your passwords. How could this have happened?  The bad guys used their favorite tool -- spearphishing.  In an interview with USA Today,  JD Sherry, vice president for technology and solutions for Trend Micro, a computer security firm said that is it likely the attackers used spearphishing to steal the data. "It's extremely stealthy," Sherry says. "These are carefully crafted slow and low attacks that try not to tip off corporate computer security." Such breaches can remain undetected for months, allowing hackers [...]

2017-01-07T17:35:15-05:00May 23rd, 2014|SP Guard, spear phishing|

Chinese Cyberspies Indicted

Yesterday, U.S. Attorney General Eric Holder announced the indictment of five Chinese military officers accused of committing economic cyber espionage against the United States. You can download the indictment here. The indictment describes what "hacking" means in the context of Chinese cyber espionage: The indictment continues by providing details of the anti-forensic tactics used by the accused to evade detection. Your personnel will receive deceptive emails.  Your security hangs in the balance when an employee decides to click a link or open an attachment.  Telling employees to avoid suspicious emails is good advice.  The attackers use this same guidance — that [...]

2017-01-07T17:35:15-05:00May 20th, 2014|Cybersecurity - General, SP Guard, spear phishing|

Cyber Security – An Engagement Between People

We recently attended a fascinating webinar presented by the cybersecurity experts at Mandiant, a FireEye company. The webinar,  entitled Tools of Engagement – Zero Dark 243 Days,  presented real world examples of the important cybersecurity maxim of Dr. Frederick Chang, former NSA Director of Research: … cybersecurity is fundamentally about an adversarial engagement. Humans must defend machines that are attacked by other humans using machines. It was interesting to hear the Mandiant experts describe how, after determining they were being attacked, the defenders were able to use information gleaned from the spearphishing attack to identify the attack command and control infrastructure.  Of [...]

2017-01-07T17:35:15-05:00May 6th, 2014|SP Guard, spear phishing|