Post Tagged with: "e-mail"

Wire Transfer Scam Shows Assertiveness Works with Phishing, Too

March 31, 2015 00:00Comments Off on Wire Transfer Scam Shows Assertiveness Works with Phishing, Too
The controversy over SSL-busting software on Lenovo laptops keeps getting bigger. Is this the end of SSL?

In-brief: Websense has uncovered a phishing scam that uses “urgent” e-mails from executives to fool employees into wiring money overseas. 

Read more ›

Was Malware Behind A Billion Dollar Heist?

February 15, 2015 17:49Comments Off on Was Malware Behind A Billion Dollar Heist?
A report by Kaspersky Lab says that a cybercriminal group may have made off with close to $1 billion with malicious software-based attacks on more than 100 banks in 30 countries.

In-brief: The New York Times reports on a massive online heist involving more than 100 banks worldwide and losses of between $300 million and $1 billion, according to the security firm Kaspersky Lab. 

Read more ›

With Multi-Vector Attacks, Quality Threat Intelligence Matters

December 23, 2014 09:151 comment
String of pearls attacks require organizations to synthesize threat intelligence from many sources, Cisco's Scott Harrell argues.

In the last year, the world’s attention has been riveted by a series of high-profile hacks of major corporations in retail, finance and the entertainment industry, among others. Each of these incidents is unique, involving different threat actors and motives. However, each of these attacks is also a sterling example of what we, at Cisco, term “multi-vector attack” that employs a range of technologies, deployed in numerous stages, to penetrate the defenses of the target organization. Here at Cisco, we have studied these attacks in-depth and have identified some commonalities among these multi-vector attack, and useful approaches to combat them. This blog post will discuss some of our findings. About Multi-Vector Attacks Any cyber attack, large or small is born from a weak link in the security chain. These weak links take many forms: poorly configured Web servers, gullible employees or vulnerable-but-common applications like Microsoft Office, Adobe Reader and Java are common examples. Multi-vector  attacks […]

Read more ›

Report: Cyber Ring Stole Data To Game Stock Market | Reuters

December 1, 2014 09:33Comments Off on Report: Cyber Ring Stole Data To Game Stock Market | Reuters
According to FireEye, the group known as FIN4 used targeted phishing e-mail to gain intelligence on pending announcements, allowing them to trade profitably on the news.

Reuters has the story this morning about a new report out from the folks at FireEye about a cyber espionage ring that targets financial services firms. The campaign, dubbed FIN4 by FireEye, stole corporate secrets for the purpose of gaming the stock market. FireEye believes that the extensive cyber operation compromised sensitive data about dozens of publicly held companies. According to FireEye the victims include financial services firms and those in related sectors, including investment bankers, attorneys and investor relations firms. Rather than attempting to break into networks overtly, the attackers targeted employees within each organization. Phishing e-mail messages led victims to bogus web sites controlled by the hackers, who harvested login credentials to e-mail and social media accounts. Those accounts were then used to expand the hackers reach within the target organization: sending phishing email messages to other employees. The criminals behind FIN4 sought data that could be useful to stock traders, including Securities and […]

Read more ›
%d bloggers like this: