2017 Trends: Ransomware, Malware, and Phishing -- Not Going Away Any Time Soon....

Posted by Greg Mancusi-Ungaro

Wed, Jan 18, 2017

More than 200,000 new malware samples were found every day in the first half of 2016, according to the crimeware statistics of the APWG (Anti-Phishing Working Group). While that is down slightly compared to 2015, it doesn’t necessarily signal the end of the ransomware/malware/phishing epidemic that has impacted businesses and the public for many years.

In fact, the opposite may be true, at least in highly targeted industries. Analysis of cyberattacks by BrandProtect reveals that phishing attacks against banks, insurers, and other financial services enterprises rose 30 percent year over year in Q3 2016. More significantly, the BrandProtect analysis reveals that while the majority of phishing attacks remain simple in design and execution, the percentage of sophisticated phishing exploits – attacks that automate subjugation of website infrastructure and deploy multiple phishing URLs – has increased dramatically. These sophisticated attacks generate the majority of phishing URLs that must be taken down.

“There is no doubt that sophisticated phishing attacks are becoming the norm,” said Dylan Sachs, Director of Anti-Phishing Services and Incident Response at BrandProtect. “Instead of launching attacks from a single URL, a sophisticated phishing attack will generate and launch attacks from ten, twenty, one hundred, or even more URLs. To put this in perspective, during the third quarter of 2016, just ten percent of the phishing attacks that we detected targeting our clients generated approximately slightly more than fifty percent of the URLs that needed to be taken down.”


Topics: Malware, Phishing, CISO, ransomware, Digital Governance

2017 Trends: Socially Engineered Attacks Will Grow in Scope and Scale

Posted by Greg Mancusi-Ungaro

Thu, Jan 05, 2017

In a world where billions of username/password combinations have been compromised by hackers, it is increasingly difficult to be certain that the sender of an email is the person that they claim to be. Masquerading and fictitious social accounts, copycat domains, online user groups, and rogue websites are becoming more common. These fraudulent online personalities and properties are often the launching pad for socially engineered attacks such as BEC schemes.

BEC attacks grew in sophistication and effectiveness in 2016, compromising businesses in every market -- from leading healthcare organizations, an NBA team, financial institutions, and the World Anti-Doping Association to John Podesta and the Democratic National Committee. The cost of these attacks? Tens of millions of dollars, incalculable reputational damage and possibly an election....

Exploits driven by stolen or invented identities are a menace, and BrandProtect analysts believe that trend will continue in 2017. CISOs and Digital Governance teams need to prepare their company, and protect other companies from BEC and socially engineered attacks that are made using their identity or corporate personality.


Topics: cyber threats, CISO, BEC Attacks, Social Engineering, External Threat, Cyber Attack, Digital Governance

Massive Mobile App Fraud Kicks Off Black Friday Cyber Exploits

Posted by Greg Mancusi-Ungaro

Mon, Nov 07, 2016

Just as the cyber-election manipulators are finishing their work, the "for-profit" population of online fraudsters is coming online -- launching their efforts to bilk the public between now and November 25, Black Friday, the heaviest online shopping day of the year.

Mobile app fraud is dominating the first wave of this year's Black Friday cyber attacks. First reported in the New York Post, and further reported in the New York Times, a slew of imitation and copycat mobile apps have appeared online in the last few weeks - parodying trusted brands such as Dollar Tree and Foot Locker, iconic stores like Dillard’s and Nordstrom, online retailers like Zappos.com and Polyvore, and luxury-goods purveyors Jimmy Choo, Christian Dior and Salvatore Ferragamo.

What makes this wave of fraudulent applications different is the targeted platform: Apple's iOS.

Historically, the bulk of fraudulent mobile apps detected and analyzed by BrandProtect and other vendors have appeared on various Android platforms and have been distributed via third-party and offshore app stores. Not so with these rogue apps -- these have been discovered on the official Apple App Store.


Topics: black friday, mobile app monitoring, cyber monday, mobile malware, CISO, External Threat

Thanks to Yahoo!, there are 500,000,000 new reasons CISOs should think more about external threats

Posted by Greg Mancusi-Ungaro

Fri, Sep 23, 2016


Sad to say, but yesterday's Yahoo! news could not have been that surprising. Yahoo joins LinkedIn, Gmail, Twitter and Facebook in the pantheon of leading social networks that have suffered (very public) large-scale data breaches. Healthcare providers like Anthem, Blue Cross and many others are also members of this exclusive club. 500 million records is a lot of records, but truly, it's getting to the point where the world is awash in stolen records....

It is also not surprising that many of the stories appearing today highlight the steps a company should take AFTER it has been hacked, like this one on MSNBC. But do stories like these really solve anything?

Pundits are fond of saying "it's not IF you'll get hacked, but WHEN you'll get hacked," but that doesn't mean that enterprise security teams should roll over and await their fate. There are lots of things that enterprises can do BEFORE they get hacked that should reduce their risks from a large number of external threats...


Topics: data breach, Phishing, Spear Phishing, CISO, External Threat, Executive Threat, Masquerades

Intelligence, Or Action? What Do CISOs Really Need?

Posted by Greg Mancusi-Ungaro

Mon, Aug 22, 2016


Cyber threat intelligence (CTI) is all the rage.

Every day, it seems, there is another vendor offering a new fire hose of intelligence data, trying to meet the almost insatiable demand for data from CISOs and Security Operations Centers. These feeds promise ever-increasing quantities of all kinds of cyber stuff, from inside and outside the organization, with the individual streams delivered to the analytical desks, SIEMs and SOCs for filtering, analysis and attempts at big data manipulation. For the largest enterprises, acquiring and analyzing this data can cost multiple millions of dollars a year. And as the focus of these security investments centers on the data, very few teams have built expertise to actually mitigate the threats that are impacting their organizations every day. Mitigation? Unfortunately, for many enterprises, that's tomorrow's problem...


Topics: cyber threats, analytics, CISO, InfoSec, Threat Intelligence, SOC, External Threat, mitigation, Ponemon

Are 15% of Fortune 100 CEOs Victims of On-Line Masqueraders?

Posted by Greg Mancusi-Ungaro

Fri, Jun 10, 2016

BrandProtect recently trained our threatSMART platform on the social media presence of Fortune 100 CEOs to understand the breadth of one of social engineers' key exploits -- executive masquerades. Executive masquerades are an essential component of one of the most damaging classes of modern attacks -- the BEC attack. We focused our investigation on LinkedIn and Twitter profiles and activity.

We were surprised by what we found...

Fortune 100 CEOs are among the most respected names in business. They are also among the most careful participants in the online world. If this elite group is a target, the potential for masquerading at all levels of a company and in all industries would theoretically be much higher. 

Among the subset of Fortune 100 CEOs who maintain a LinkedIn profile, our review found that more than 15% are represented online by two or more LinkedIn profiles.

We looked on Twitter, too, and there, the numbers are worse. Among the subset of Fortune 100 CEOs who maintain a personal Twitter presence, almost 40% are plagued with duplicate Twitter accounts.


Topics: twitter, cyber threats, CISO, threatSMART, BEC Attacks, F100, Social Engineering, LinkedIN, Executive Threat

BrandProtect ThreatCast: Cast Your Nets to Catch Next Generation Phishers

Posted by Greg Mancusi-Ungaro

Tue, Apr 12, 2016

Webcast Replay:

The Latest on Attack Trends, Threat Evolution and Defensive Strategies for Top Cyber Threats

At the 2015 Black Hat conference, leading CISOs, asked about their top ten security pain points, ranked sophisticated cyber-attacks, phishing, and spear phishing far ahead of all other cyber risks. Even after 20+ years, phishing and related attacks are still the number one concern. And no industry is immune to phishing, spear phishing, and BEC attacks.

• Phish in the wild threaten customers
• Specifically targeted phish attack executives, employees and partners
• Sophisticated spear phish can directly threaten institutional business processes.

In this one hour webcast, targeted specifically to CISOs and Security Operations leaders at financial institutions, insurance companies, health care providers, and other firms that are threatened by phishing, spear phishing and BEC attacks,


Topics: Phishing, cyber threats, Spear Phishing, CISO, BEC Attacks

Marilee Philen, Senior Cyber Threat Analyst, To Speak At Atlanta Cyber Security Summit

Posted by Greg Mancusi-Ungaro

Thu, Mar 31, 2016

Marilee Philen, senior cyber threat analyst at BrandProtect, will be speaking at next week's Atlanta Cyber Security Summit. She will join U.S. Assistant Attorney General, the Honorable John P. Carlin, along with experts from the FBI, US Secret Service and other cyber security leaders in an all-day exploration of emerging cyber threats related to new risks presented by the Internet of Things and the vulnerabilities of big data and cloud computing deployments. The day will close with a discussion of the state of cyber threats and the strategies to combat them.

Philen is uniquely qualified to join in this discussion: she is an ex-USAF Intelligence Analyst, with a 20+ year career in intelligence collection, analysis, and reporting.

She has served with the U.S. Air Forces-Europe, U.S. Air Force Special Operations Command, and the U.S. Strategic Command Center (USSTRATCOM).


Topics: cybercrime, Internet Threats, cyber threats, OSINT, CISO, InfoSec, Internet of Things, Threat Intelligence
