Tag: phishing

Repair shops for televisions and other appliances have largely disappeared in recent decades. A lack of after market parts and tools is one big reason says Kyle Wiens of Repair.org.

A Right to Repair the Internet of Things? Spear Phishing Detection and Nonstop Attacks on DVRs

In-brief: In the latest Security Ledger podcast we talk about pending right to repair laws and their impact on the Internet of Things. Also:  Facebook’s Internet Defense Prize went to a better method for spear phishing detection. We talk to a member of the winning team. And, Johannes Ullrich of The Internet Storm Center joins us to talk about a study he did to measure the frequency of attacks on a common IoT device: digital video recorders.

Operation Lonely Guy: Iranians Use Cute Girl Profile to Cultivate, Compromise Targets in Middle East

Operation Lonely Guy: Iranians Use Cute Girl Profile to Cultivate, Compromise Targets in Middle East

Hackers working on behalf of the government of Iran are using alluring social media profiles featuring a young, English photographer to entice and then compromise the systems of high value targets in the oil and gas industry, according to a report by Dell Secureworks. In a report released on Thursday, Secureworks’ Counter Threat Unit (CTU) said that it observed an extensive phishing campaign beginning in January and February 2017 that used a polished social media profile of a young, English woman using the name “Mia Ash” to conduct highly targeted spear-phishing and social engineering attacks against employees of Middle Eastern and North Africa firms in industries like telecommunications, government, defense, oil and financial services.  The attacks are the work of an advanced persistent threat group dubbed COBALT GYPSY or “Oil Rig” that has been linked to other sophisticated attacks. The attacks, which spread across platforms including LinkedIn and Facebook, as […]

What’s a Good Password? NIST says One that hasn’t been stolen

What’s a Good Password? NIST says One that hasn’t been stolen

In-brief: what’s a good password? According to new guidelines from NIST: one that hasn’t already been stolen by hackers.

Google Docs Scam Highlights Phishing’s Low, Low Bar

Google Docs Scam Highlights Phishing’s Low, Low Bar

In-brief: There were a thousand reasons not to click on that Google Docs link…but thousands of people did anyway. Why?

Most U.S. adults had trouble identifying key cyber security concepts including what data was secure online and the definition of a botnet.

You Don’t Know Hack: Public Struggles with Cyber Security Concepts

In-brief: U.S. adults may be able to identify a strong password when they see one, but on many questions of how to identify and protect themselves from online threats, they are worryingly ignorant, according to a new survey by The Pew Center.