APT30 – Decades Long Cyberattack

April 17, 2015

This week, FireEye released their latest APT report – APT30: The Mechanics Behind a Decade Long Cyber Espionage Operation.  The sub-title summarizes the findings: How a Cyber Threat Group Exploited Governments and Commercial Entities across Southeast Asia and India for over a Decade.

What are the surprises in APT30? There are no surprises in APT30.  The bad guys engage in anti-forensics to avoid detection. APT30 tells us that the bad guys use spearphishing to make their initial infiltration:


This is a sample of the lures used to trick users into compromising their systems:

APT30 Phishing Lure

Source: FireEye APT30

Learn more at our new blog.

Russians Access President’s Schedule

April 8, 2015

Russian hackers used compromised systems at the Executive Office of the President to access the President’s schedule.

How could Russian hackers get to the President’s schedule? Learn how at our new blog.

Cybersecurity Is No Joke – It Is A National Emergency

April 3, 2015

On April Fools’ Day President Obama issued an executive order entitled, “BLOCKING THE PROPERTY OF CERTAIN PERSONS ENGAGING IN SIGNIFICANT MALICIOUS CYBER-ENABLED ACTIVITIES.” This was not an April Fools’ prank.

Learn more at our new blog.

Spearphishing and Cyberterrorism

March 27, 2015

Writing in TechCrunch, Tom Chapman, director of cyber operations of Edgewave, describes how terrorists can apply the same techniques used against Anthem, Sony and many others to engage in cyberterrorism.

What could these techniques be? Spearphishing. Learn more at our new blog.

11 Million Health Records Compromised With Deceptive Spelling

March 18, 2015

Premera, a leading health insurance company, has suffered a cyber breach impacting 11 million people. The company’s announcement says it has been the victim of a “sophisticated cyberattack.”


What could this sophisticated attack have been?  Learn more at our new blog.

New White Paper – Spearphishing Countermeasures

March 17, 2015

We have released a new white paper entitled “Spearphishing Defense Using Deception Countermeasures.” This paper discusses how technical defenses (such as email filtering, malware detection, firewalls, limited user privileges, and system monitoring) leave systems unnecessarily exposed to phishing attacks because the human attack surface remains easily accessible and subject to successful attacks based on principles of psychology which are exploited using military deception. We propose deception countermeasures which modify the email interface, thereby making the user less susceptible to email-based deception. Learn more at our new blog.

Spoofing the Boss Cybercrime

March 13, 2015

Brian Krebs, writing in KrebsOnSecurity, describes a scam in which criminals use email to impersonate company executives.

The thieves use fake emails to issue bogus payment instructions to finance and accounting staff.

Learn more at our new blog.

