How to Be Prepared for the Oldest Trick in the Book....

Posted by Greg Mancusi-Ungaro

Wed, Jul 27, 2016

 

 

Regardless of their politics, the recent news of the DNC server hack, allegedly by Russian-government-backed hackers, should have security teams pulling their hair out.  Why?  Because the first phase of the attack used one of the oldest tricks in the book -- a phishing email attack, leveraging a copycat domain. 

"For example, the first group, APT 28, often uses the same tactic: registering a domain whose name is similar to that of its target, to trick users into disclosing their passwords when logging into the wrong site. In this case, hackers set up misdepatrment.com — switching two letters — to target users of MIS Department, which manages networks for the Democratic committee."  NY TImes, July 27, 2016

It should be no surprise to learn that almost every devastating cyber breach, from Target to the DNC, starts with the same exploit:

Read More

Topics: Identity Theft, data breach, hackers, Domain Management, Phishing, cybercrime, Spear Phishing, 2016 Elections, MX Records

APWG - the Anti Phishing Working Group - is coming to Toronto

Posted by Greg Mancusi-Ungaro

Wed, May 18, 2016

In just two week's time, June 1-3, 2016, BrandProtect and Toronto will play host to one of the most influential cross-industry consortiums in the security industry, the Anti Phishing Working Group

With phishing and especially spear phishing/socially-engineered phishing effectively targeting enterprises with devastating ransomware, malware, or BEC attacks, the role of the Anti-Phishing Working Group (APWG)  has never been more important. The latest data on trends, attack specifics, and defensive strategies to fight phishing and social engineered phishing will be shared at the annual gathering of APWG, this year themed: eCrime2016.

BrandProtect is proud to be a key partner and local host for this event.

Read More

Topics: Identity Theft, Phishing, Spear Phishing, MX Records

BrandProtect Announces Major Updates to threatSMART Platform

Posted by Greg Mancusi-Ungaro

Thu, Apr 28, 2016

New Features Enhance Proactive Defenses Against Modern Cyber Exploits, Including Socially Engineered Spear Phishing, Ransomware and other BEC Attacks

TORONTO – April 27, 2016BrandProtect has significantly extended its industry leading threatSMART™ platform for cyber threat monitoring, intelligence, and mitigation with key features designed to speed analysis and enhance proactive defenses against modern cyber exploits, including socially engineered spear phishing, ransomware, and other business email compromise (BEC) attacks. New platform enhancements include MX-Record Monitoring, Advanced Incident Correlation, the BrandProtect ThreatCenter™, and new direct connections of threatSMART data feeds to popular enterprise threat analytics platforms Splunk and HP ArcSight.

“Enterprise-targeted cyberattacks are evolving rapidly. Socially engineered phishing, BEC and other focused, and unfortunately, effective schemes dominate the concerns of enterprise CISOs everywhere,” said Roberto Drassinower, BrandProtect CEO. “Today we announce the latest of our continuous enhancements to our threatSMART platform, again directly addressing the most important pain points that CISOs now face. We are filling the gaps for threat detection, intelligence, and mitigation of cyber threats that arise beyond the traditional security perimeter.”

Read More

Topics: Domain Management, cybersquatting, Phishing, cyber threats, Spear Phishing, CSO, threatSMART, ThreatCenter, MX Records, Splunk, ArcSight

Subscribe to our weekly CyberThreat Digest

Each week, our Cyber Threat Analyst team prepares a digest of the latest cyber threat news and alerts. Subscribe today and begin receiving it on Monday.

 Get the Weekly CyberDigest

 

Subscribe to receive a weekly summary of our latest posts

Recent Posts

Posts by Topic

see all