Hackers working on behalf of the government of Iran are using alluring social media profiles featuring a young, English photographer to entice and then compromise the systems of high value targets in the oil and gas industry, according to a report by Dell Secureworks. In a report released on Thursday, Secureworks’ Counter Threat Unit (CTU) said that it observed an extensive phishing campaign beginning in January and February 2017 that used a polished social media profile of a young, English woman using the name “Mia Ash” to conduct highly targeted spear-phishing and social engineering attacks against employees of Middle Eastern and North Africa firms in industries like telecommunications, government, defense, oil and financial services. The attacks are the work of an advanced persistent threat group dubbed COBALT GYPSY or “Oil Rig” that has been linked to other sophisticated attacks. The attacks, which spread across platforms including LinkedIn and Facebook, as […]
Tag: social networking
In-brief: Gadi Evron recalls the denial of service attacks aimed at the government of Estonia in 2007 – one of the first recognized acts of ‘cyber war’ and a template for incidents that followed. Evron says there were many lessons in that incident – some of which the U.S. and its allies are still struggling to learn.
In-brief: security experts are warning about the threat posed by third-party applications that tap into prominent social media platforms like Twitter after accounts belonging to media organizations and prominent personalities were hacked and hijacked to display messages accusing Dutch and German officials of Nazi sympathies.
In-brief: sophisticated hacking crews with ties to the Russian government compromised computer networks run by the Democratic National Committee and absconded with oppositional research on presumptive Republican nominee Donald Trump.
A hacker or hacking group going by the name of “OurMine Team” briefly took control of Facebook chief Mark Zuckerberg’s Twitter and Pinterest accounts, apparently using information from a major LinkedIn security breech that occurred in 2012.
According to OurMine Team, the passwords to Zuckerberg’s little-used Pinterest and totally dormant Twitter accounts were apparently the same as those for his LinkedIn login (“dadada”). Both Twitter and Pinterest rapidly restored control of the accounts over the weekend, …read more