How to Be Prepared for the Oldest Trick in the Book....

Posted by Greg Mancusi-Ungaro

Wed, Jul 27, 2016

 

 

Regardless of their politics, the recent news of the DNC server hack, allegedly by Russian-government-backed hackers, should have security teams pulling their hair out.  Why?  Because the first phase of the attack used one of the oldest tricks in the book -- a phishing email attack, leveraging a copycat domain. 

"For example, the first group, APT 28, often uses the same tactic: registering a domain whose name is similar to that of its target, to trick users into disclosing their passwords when logging into the wrong site. In this case, hackers set up misdepatrment.com — switching two letters — to target users of MIS Department, which manages networks for the Democratic committee."  NY Times, July 27, 2016

It should be no surprise to learn that almost every devastating cyber breach, from Target to the DNC, starts with the same exploit:

Read More

Topics: Identity Theft, data breach, hackers, Domain Management, Phishing, cybercrime, Spear Phishing, 2016 Elections, MX Records

When You Can’t Trust Criminals on the Deep Web, Who Can You Trust?!

Posted by Jeff Daisley

Fri, Jul 31, 2015

During my morning news scan, I came across some interesting articles surrounding the recent Hell Tor deep web cybercrime forum and, in particular, discussion about the associated text file that contained more than 23,000 records that “appeared” to be a user database populated exclusively by user accounts with dot-gov email from the Office of Personnel Management (OPM). After a close review of the file, experts stated that these records -- made available as a teaser and/or as “proof” that the hackers had compromised the agency -- were not from the OPM; instead, they were a list of users stolen from a different government agency — Unicor.gov, also known as Federal Prison Industries.

Read More

Topics: scam, hackers, cyber threats, OPM Breach, deep web, pastebin

CyberAttack Exposes IRS Tax Returns

Posted by Greg Mancusi-Ungaro

Wed, May 27, 2015


Just a month ago, I wrote about an emerging critical cyber threat trend -- attacks centered on health care providers and health insurance systems.  These schemes are very lucrative for thieves because the loot, electronic health records, contains everything needed -- social security numbers, known addresses, phone numbers, relatives, payment preferences -- to create duplicate identities for individuals.  Just add the photo.

Read More

Topics: Security, data breach, hackers, security breach, cybercrime, cyber threats, impersonation, PII, Health Care

Password Panic Can Put Your Brand’s Reputation At Risk

Posted by Omri Benhaim

Mon, Apr 28, 2014

Earlier this month we were all informed that the Heartbleed bug, which affected versions of OpenSSL, a widely used data encryption standard, had potentially compromised our personal information. Around the world the response was the same: “change your password”. Seems like a simple enough solution, but if you are using an insecure password, changing it will not protect you for long. In addition, if you did not wait for each website to patch their OpenSSL before changing your passwords, then your new passwords may have already been compromised too.

Read More

Topics: hackers, password protection, employees social media

Target’s Once-Stellar Reputation Is In Trouble… Big Trouble

Posted by Adriana Tayraco

Mon, Jan 27, 2014

Earlier last week Jody Westby wrote a very insightful article for Forbes highlighting the lack of experience and expertise from most board members and CEOs when dealing with serious cyber risks. A great point is made when she remarks that “they [CEOs and board members] are beginning to realize that there are best practices for cyber governance, and this involves more than asking interesting questions now and then or accommodating an annual ten-minute IT report on the board agenda”.

Read More

Topics: risk management, hackers, brand abuse, online brand protection, security breach

Do you know who is viewing your LinkedIn profile?

Posted by Rosemary Brkopac

Tue, Jan 14, 2014

A couple of days ago I filed a Notice of False profile with LinkedIn (operator of a professional networking site with 259 million members) because a fake member account had been set up involving one of my financial clients.  The perpetrator’s profile indicated that “she” was a company branch manager, and she was sending out LinkedIn invites to her “co-workers” at the financial institution.  The profile should have screamed “a fake” to experienced users of the site.  Some tell-tale signs were that the profile was bare bones, with only my client listed as an employer (along with the presence of the company logo), and the image of the individual on the page looked like a robot.   I received a quick response back from LinkedIn saying they HAD begun processing the complaint, but that it may take some time to process.  Last week the news was full of articles stating that LinkedIn had sued hackers over the creation of thousands of fake accounts.  The hackers’ objective was to tap into legitimate member profiles (which they did at apparently a rate of hundreds of thousands of profiles each day) where they could glean a plethora of personal information.  At this point the identity of the hackers is unknown, and subpoenas are being served on Amazon Web Services, the cloud platform used to create the fake accounts, in an attempt to unmask them. 

The scheme was explained in an article published by Bloomberg on January 7th which stated “hackers using automated software created thousands of fake member accounts and copied data from actual member profile pages.”  The article goes on to say “the practice, known as data “scraping,” violates LinkedIn’s user agreements and federal and state computer fraud laws, the company said in a complaint filed yesterday against the unknown hackers in federal court in San Francisco. It has also strained and disrupted the company’s network computers and threatens to degrade the value of LinkedIn Recruiter, a fee-based service used by Fortune 100 companies that’s one of the company’s fastest-growing offerings, according to the complaint”.

Read More

Topics: Brand Protection, hackers, brand abuse, brandjacking

Why the New York Times hack is a bigger deal than you think

Posted by Dylan Sachs

Thu, Sep 12, 2013

On August 27, the website for the New York Times was redirected via DNS to a server controlled by the Syrian Electronic Army.  The DNS record was quickly restored to normal, but not after the hack was discovered and talked about extensively online.

Read More

Topics: hackers, Phishing

Your Brand Under Attack; Phishing, Hacking, Brandjacking

Posted by Karim Dharamshi

Fri, Jun 22, 2012

Phishing this. Hacking that. Online scam him. Online scam her. A company’s reputation can be compromised very quickly. Every minute of every day is filled with these attacks. No company is too big or too small to be ignored. At the household level no one is spared either. We would think that, given the greater awareness both companies and individuals have regarding the multitude of online threats, the attacks would actually be declining, but unfortunately they appear to be rising[1] and/or, in some instances, becoming more sophisticated in nature.

Read More

Topics: Brand Protection, scam, hackers, Reputation Management, Counterfeiting
