Cyberattack Evolution

Social engineering cyberattacks target people. The objective of these cyberattacks is to trick people into compromising their systems. In a recent webinar (registration required), Proofpoint demonstrated how the Dridex attackers modified their malicious attachment to improve its performance. For this attack to work, the user must activate scripts. The user interaction process evades malware detection over 99% of the time -- but it depends upon the user taking the required steps. How can the attacker convince the victim to enable scripts in the face of the system generated warning? The first generation attack in October 2014 presented only the system generated warning. [...]

2017-01-07T17:35:09-05:00December 22nd, 2015|Cybersecurity - General, spear phishing, Uncategorized|

Kaspersky Releases 2015 Top Security Stories

Kaspersky just released its 2015 Top Security Stories. The major theme is the growth of targeted attacks. In the targeted attack, the bad guy infiltrates systems by socially engineering the users. Kaspersky created this graphic which shows how a gang of cybercriminals stole $1 billion. As you can see, the infection phase uses a spearphishing email to gain the entry into the systems. This report from Kaspersky emphasizes the need to provide users with tools that help them fight spearphishing attacks. That is where SP Guard from Iconix adds a new layer of security by helping employees identify malicious emails.

2017-01-07T17:35:09-05:00December 4th, 2015|Cybersecurity - General, SP Guard, spear phishing|