Blog Posts Tagged with "spear-phishing"
October 02, 2012 Added by:Pierluigi Paganini
The news is circulating on the internet creating great concern once again that Chinese hackers have hit the infrastructure of a foreign state, and once again we are speaking of cyber espionage, but this time they were able to access the White House Military Office...
September 12, 2012 Added by:Pierluigi Paganini
The security firm FireEye has released an interesting report that provides an overview of the current threat landscape, evolving malware, advanced persistent threat (APT) tactics, and the level of infiltration seen in organizations’ networks today. The report presents an alarming scenario ...
August 28, 2012 Added by:Ben Rothke
It is no myth that there is plenty of money and digital assets on networks worldwide. Those that want to secure those assets need to safeguard them. This book is written specifically for smaller to medium size businesses that often lack the staff and budget necessary to ensure effective information security...
July 18, 2012 Added by:Headlines
"It is still unclear whether this is a state-sponsored attack or not. The targeted organizations seem to be spread between members of the attacking group by giving each victim machine a specific prefix name, meaning that this operation might require a large investment and financial backing..."
July 09, 2012 Added by:Dan Dieterle
The Social Engineering Toolkit included with Backtrack 5 is a great way for penetration testers to see how well their network and users would stand up to Social Engineering attacks. In this tutorial I will demonstrate how SET can be used to set up a realistic looking website to harvest e-mail usernames and passwords...
June 06, 2012 Added by:Jeffrey Carr
Google announced that it will notify a subset of its Gmail customers if they're the victim of a State-sponsored attack. Google's advice is FUD-inducing for people who aren't targets and insufficient for those who are. I have to wonder what Google was thinking when it created this awful program...
May 07, 2012 Added by:Headlines
“Analysis of the malware and artifacts associated with these cyber attacks has positively identified this activity as related to a single campaign from a single source. It goes on to broadly describe a sophisticated 'spear-phishing' campaign..."
April 13, 2012 Added by:Jason Clark
With everything in the threat landscape changing so frequently, it’s important to reassess your current status and plan for the coming year, whenever we can come up for air. So, I came up with the following nine tips to help you get a fresh start this spring...
February 15, 2012 Added by:Jack Daniel
What is the point of telling you I was compromised by spear phishing, SQL injection, cross site scripting, cross site request forgery, default credentials, or anything else we’ve know about for years? If you are ignoring all of the well-known risks, it is a waste of time...
February 01, 2012 Added by:Headlines
"We don't have information about the people behind those attacks, however as all of them are targeting government-related organizations, it is highly reasonable to suspect that the attackers are high profile, maybe even a country..."
January 27, 2012 Added by:Headlines
The data Symantec published reinforces evidence from an earlier investigation conducted by AlienVault, which described an orchestrated sprear-phishing campaign most likely targeting information on US drone technology which utilized malware-infected PDF documents to deliver the Sykipot payload...
November 17, 2011 Added by:Headlines
“Authentication is the front line defense... This program, supported by the White House, will help stem the tide of malicious and deceptive email. This is a great example of the public and private sector working together to increase end-to-end trust of our nation’s critical infrastructure..."
November 15, 2011 Added by:Josh Shaul
A good implementation of salting before hashing can yield very secure results – however weak implementations that used fixed salt are not all that unusual, and those are quite easy to break. The stored credit card numbers were encrypted. It’s likely that these will be difficult to extract...
October 25, 2011 Added by:Joel Harding
What really set him apart was Social Engineering combined with his hacking. He did his research, he would study, he would probe, and then he would do whatever it took to get a password, to get a free account, to get root access, to get into a facility and physically touch the system...
October 05, 2011 Added by:Headlines
“The increased incidents of spear phishing targeting consumers, business and government users have accelerated the business value of email authentication. Organizations who fail to adopt are putting their employees, data and consumers at an unacceptable level of risk..."
August 16, 2011 Added by:Headlines
"Victims get a message from an address of a close associate or a collaborating organization/agency, which is spoofed. The message is crafted to look like a subscription form offering to enter Gmail credentials to activate it..."
New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013
Case Study: A Cloud Security Assessment... Caitlin Rachel on 05-21-2013
Steps Toward Weaponizing the Android Platfor... Freid Jerome on 05-17-2013