Spearphisher Steals $100 Million from Google and Facebook

Google and Facebook were victims of a spearphishing scam in which the attacker stole $100 million. Paragraph 6 of the indictment details some of the allegations: ... as part of the scheme, fraudulent phishing emails were sent to employees and agents of the Victim Companies. The emails purported to be from employees and agents of Company‑1 [the real supplier], but in truth and in fact, they were not sent or authorized by employees or agents of Company‑1. The fraudulent emails were sent from email accounts that were designed to create the false appearance that they were sent by employees and agents [...]

2017-04-28T15:11:05-07:00April 28th, 2017|Iconix Truemark Service, Phishing, SP Guard, spear phishing|

City of Newark Hit With Ransomware

According to TAPintoNewark, the online newspaper in Newark, Jersey, someone is shaking down the City of Newark for 24 Bitcoin (about $30,000) in a ransomware attack. How did this happen?  TAPintoNewark explains: The RSA-2048 maleware typically infects a user's computer when they are tricked into running an attachment in a spam email. Once the maleware is launched, it encrypts files and requires a "private key" to open them. The private key is only provided after the user pays the ransom. Why would a user open an evil email and then run an evil attachment?  Because the email is a carefully crafted work [...]

2017-04-27T15:37:06-07:00April 26th, 2017|Cybersecurity - General, SP Guard, spear phishing|

Spearphishers Target UK Foreign Office

SC Media is reporting that the cybercriminals known as the Callisto Group have been targeting the UK Foreign Office. SC Media reports that the unknown attackers are seeking to steal information regarding European foreign and security policy from military personnel, government offices, think tanks and journalists. The targets are concentrated in Eastern Europe, the South Caucasus, Ukraine and the U.K. The tool of choice -- Spearphishing.  

2017-04-21T16:24:10-07:00April 21st, 2017|Cybersecurity - General, SP Guard, spear phishing|

New Cyber-Booby-Trap

This week's patch Tuesday brought a Microsoft Word patch to fix a particularly nasty exploit used by bad guys to compromise your system. The traditional attack progresses through eight steps: 1. Email bypasses defenses, delivered to inbox. 2. User sees email. 3. User opens email. 4. User sees attachment. 5. User opens attachment. 6. User sees active content prompt. 7. User enables active content. 8. Evil activated. The exploit eliminated  steps 6 & 7. Using the exploit, the attacker was able to install tools merely by the user opening the attachment, without the user enabling the active content. As soon as the user opens [...]

2017-04-12T15:50:57-07:00April 12th, 2017|Cybersecurity - General, SP Guard, spear phishing|