Cyber Mayhem in the 2016 Election?  You Betcha!

Posted by Greg Mancusi-Ungaro

Wed, Nov 02, 2016

Download the FREE BrandProtect eBOOK

CYBER SECURITY IMPLICATIONS OF ELECTION 2016

A Practical Guide for Business Leaders (or Politicians) to Protect
Themselves from Cyberattacks and Misinformation

The 2016 campaign has not only dramatically shifted perceptions
of politics and society, but also revealed the immediate and future challenges that face cybersecurity and digital governance professionals.  

In this eBOOK from BrandProtect, Greg Mancusi-Ungaro and Dylan Sachs chronicle some the spectacular cyber exploits that highlighted the elections, and how they serve as a object lessons for CISOs and Digital Governance professionals everywhere.  

Read More

Topics: 2016 Elections

November Threat Brief: Risk Ahead!

Posted by Greg Mancusi-Ungaro

Tue, Nov 01, 2016

 

From Elections Exploits to Bogus Black Friday Promotions, November is a holiday season for Cyber Criminals!

This month's BrandProtect Executive Threat Brief focuses in on the many traps that cyber criminials will set for you during this crazy time. Some will spring from the upcoming elections, others will be retail-shopping related, but all will be dangerous! 

Download this month's threat brief and learn more!

Read More

Topics: black friday, cyber monday, 2016 Elections, ThreatBrief

Dinner with Donald Trump?  Or Maybe Not??

Posted by Greg Mancusi-Ungaro

Tue, Aug 30, 2016

Ian Hawes wants you to have dinner with Donald Trump.  He is a 25-year old, self-proclaimed entrepreneur, and “registered genius."  Ian’s story broke Monday morning on Politico and it is a cautionary tale for anyone who values their online reputation. 

Read More

Topics: Domain Management, cybersquatting, 2016 Elections, Brand Threats, fraud, Masquerades

How to Be Prepared for the Oldest Trick in the Book....

Posted by Greg Mancusi-Ungaro

Wed, Jul 27, 2016

 

 

Regardless of their politics, the recent news of the DNC server hack, allegedly by Russian-government-backed hackers, should have security teams pulling their hair out.  Why?  Because the first phase of the attack used one of the oldest tricks in the book -- a phishing email attack, leveraging a copycat domain. 

"For example, the first group, APT 28, often uses the same tactic: registering a domain whose name is similar to that of its target, to trick users into disclosing their passwords when logging into the wrong site. In this case, hackers set up misdepatrment.com — switching two letters — to target users of MIS Department, which manages networks for the Democratic committee."  NY TImes, July 27, 2016

It should be no surprise to learn that almost every devastating cyber breach, from Target to the DNC, starts with the same exploit:

Read More

Topics: Identity Theft, data breach, hackers, Domain Management, Phishing, cybercrime, Spear Phishing, 2016 Elections, MX Records

Latest Political Cyber Fraud: Warren Endorses Sanders??!  No... It's Fake. (She Remains Neutral)

Posted by Greg Mancusi-Ungaro

Sat, Mar 05, 2016

2016 Elections Project Update:  On Monday, just before the Super Tuesday Democratic Primaries, this "NY Times" article made the rounds on social media:

It wasn't legitimate.  And it wasn't a parody.  It was a fraud, pure and simple. 

News of this fake article exploded on Monday, sending the NY Times and many other news organizations scrambling to disavow the article and have it removed from the web. Within a few hours, it was gone. But the damage may have already been done - the article was shared over 50K times, including 15K Facebook shares.  It was probably viewed by hundreds of thousands of people across all kinds of social channels.  Enough to swing an election? Possibly!   

Read More

Topics: scam, brand abuse, Reputation Management, Social Media Monitoring, cyber threats, impersonation, CISO, threatSMART, 2016 Elections

Will the Real Donald J. Trump Please Stand Up?

Posted by Peter Dylan

Thu, Jan 28, 2016


As part of the BrandProtect 2016 Elections Project, we’ve been looking at The Donald’s use of Twitter. 

Or, more accurately, we’ve been looking at how others have been using Donald Trump's identity to promote their twitter activity.  There are lots of them.....

 

Read More

Topics: cybersquatting, online identity, twitter, brandprotect, cyber threats, Donald Trump, 2016 Elections

191 Million Voter Records Have Been Exposed. What Does it Mean To You?

Posted by Greg Mancusi-Ungaro

Fri, Jan 08, 2016

 

Over the past weeks there has been a lot of reporting, including these great pieces by Steve Ragan at CSOonline.com and Mathew J. Schwartz at BankInfoSecurity.com about a December 20, 2015 discovery that a database containing 191 Million voter records had been exposed online. As part of the BrandProtect 2016 Elections Project, we dug into the situation, and what it means to you.

Because of the nature of the exposure – effectively a database containing the records was left unlocked and unprotected – there is no way to know who might has downloaded the information.

Make no mistake, this is a big number. And it is an important number.  Consider this: the US Census Bureau estimated that there were approximately142 Million registered voters in 2014. This means that the recent exposure of 191 million voting records is not just a large data breach.  It’s a national issue -- effectively every registered voter in America has had their PII exposed... Wow...

Read More

Topics: Identity Theft, data breach, Social Media Monitoring, cybercrime, social media, online risk, PII, Spear Phishing, Voting Records, 2016 Elections

Jeb Bush Has A Domain Problem.  Do You?

Posted by Greg Mancusi-Ungaro

Tue, Dec 08, 2015

That sound you hear is a bunch of the staffers at jeb2016.com (the official Jeb Bush website) trying to make it seem like they are on top of their web presence.  Or is that the Trump team, laughing?  We can't be sure.  

The Washington Post reported yesterday that people who type "jebbush.com" into a browser found themselves redirected to Donald Trump's official site, donaldjtrump.com. You read that right -- one of the leading candidates for the Republican nomination for President of the United States has found himself on the wrong side of one of the most basic domain abuse issues. Someone else has registered a similar domain and is using it to confuse the public. Try it: jebbush.com (It's fun!)

Download the InfoGraphic

Yes, it's funny for a moment. But in reality it is very scary. In fact, it is potentially devastating.

The massive breach at Anthem earlier this year originated from spear phishing emails that were sent from domains that impersonated Anthem. The employees who recieved the emails did not notice that the emails originated from a rogue address. They unwittingly opened attachments or clicked on links that gave the attackers inside access to Anthem networks. 

Game over.

When others appropriate your web presence by registering or appropriating a similar or easily mistaken domain, they put themselves in a position to confuse your message, siphon revenues or worse. 

How big a problem can it be?...

Read More

Topics: Brand Protection, data breach, scam, brand abuse, Domain Management, cybersquatting, Phishing, gTLD, brandprotect, infographic, cyber threats, online risk, brandjacking, Health Care, OSINT, Jeb Bush, Legal, Spear Phishing, CISO, CSO, InfoSec, Donald Trump, 2016 Elections, Anthem, CMO

Subscribe to our weekly CyberThreat Digest

Each week, our Cyber Threat Analyst team prepares a digest of the latest cyber threat news and alerts. Subscribe today and begin receiving it on Monday.

 Get the Weekly CyberDigest

 

Subscribe to receive a weekly summary of our latest posts

Posts by Topic

see all