Today is the last day of National Cyber Security Awareness Month (NCSAM). We thought that the October 29, 2014, alert from ICS-CERT about the vulnerabilities of the US infrastructure highlighted both the complexity and simplicity of the problem. In Alert ICS-ALERT-14-281-01A ICS-CERT warns: ICS-CERT has identified a sophisticated malware campaign that has compromised numerous industrial control systems (ICSs) environments using a variant of the BlackEnergy malware. Analysis indicates that this campaign has been ongoing since at least 2011. Multiple companies working with ICS-CERT have identified the malware on Internet-connected human-machine interfaces (HMIs). How is this sophisticated malware introduced into industrial control systems? It [...]
We have just published an app note which explains how a leading cybersecurity company improved its email communications and security using SP Guard. Before using SP Guard deceptive spearphishing emails were interfering with customer service email communications. Using SP Guard to differentiate real emails from attacks, customer service and security were improved. You can download the app note for free from our White Papers page.
We have posted two more videos on our YouTube Channel. In “Fighting Phishing” we how you can take the email interface back from attackers. In “The Inbox That Works” we demonstrate the Truemark service for consumers.
Following the compromise of contact information such as names and email addresses for 76 million individual customers and 7 million small businesses, JPMorgan Chase is preparing for spearphishing attacks against its customers. . Followers of Iconix know what spearphishing is -- the bad guy sends an email that pretends to be from a trusted sender. The recipient clicks a link or opens an attachment and bad things happen. When that attack targets bank customers, the obvious bad thing is a compromise that will steal the victim's money from the compromised bank. Fox News reports a list of other bad things the bad [...]
On October 5, 2014, FBI Director James Comey discussed cyber espionage with Scott Pelley of CBS 60 Minutes. At 8:50 Director Comey discusses cyber security. Scott Pelley: What countries are attacking the United States as we sit here in cyberspace? James Comey: Well, I don't want to give you a complete list. But I can tell you the top of the list is the Chinese. As we have demonstrated with the charges we brought earlier this year against five members of the People's Liberation Army. They are extremely aggressive and widespread in their efforts to break into American systems to [...]
Seculert is reporting on a simple technique that defeats sandbox protection. Seculert has identified Sazoora.B, a new version of the Sazoora.A Trojan. Among other things, what makes Sazoora.B new is that it waits 15 minutes before becoming active. The significance of this simple idea is that during this dormant phase the Trojan is undetectable. TechTarget SearchSecurity elaborates on this delay feature: Many times, systems will delay delivering an email or connecting to a webpage until a file has successfully passed the sandbox. By delaying execution by, say, 15 minutes, the target's malware analysis potentially could time out and the malware [...]
We have posted our third video on our YouTube channel. In this video, we discuss using SP Guard to help your cyber sentries tell good guys from bad guys. Cyber sentries? Yes. APT attackers use email to infiltrate systems -- turning every email user into a cyber sentry. Of course, please check out our YouTube channel.