Iranian Phishing Campaign Attempts to Bypass 2FA

A new phishing campaign by the Iranian state-sponsored group known as “Charming Kitten” is using new tactics to trick users out of their passwords and both SMS and app-generated two-factor codes. Charming Kitten is tied to the Islamic Revolutionary Guard. This campaign has been ongoing since October 2018. Information on this attack was released on December 18, 2018 by Certfa Lab.

Targets of these attacks are high-ranking individuals in the financial ...


A Timeline of Russian Cyber-Exploits

We have been investigating Russian cyber-attacks this week.  Today we publish a timeline of Russian cyber-activities.  In the interest of space, I am publishing just the timeline with little descriptive content.  I have included a download link to a PDF and spreadsheet of the timeline with more detail, and links to sources.

Notice how these cyber attacks started out in 2004 as small, unsophisticated ...


Russian Active Measures for the Internet Age.

Is Donald Trump Putin’s Revenge?

Was the election of Donald Trump the result of the successful application of “active measures” by Russia? Did the massive Facebook and Twitter campaigns by the Russians change public opinion enough in the final days of the Presidential campaign to move the needle and help Trump win?

According to Retired KGB Maj. Gen. Oleg Kalugin, former Director of Foreign Intelligence ...


Are The Russians Really Attacking Us?

It seems that hardly a week goes by without some new cyber-attack being attributed to Fancy Bear, Cozy Bear, Grizzly Steppe, or some other cute-sounding Russian hacker collective. On the one hand, we have the DHS, FBI, and US-CERT attributing these attacks to the Russians. There are others, including those working in the cybersecurity profession, who are suggesting that the attackers are not agents of the Russian government, but merely opportunistic ...


Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Serious D-Link router security flaws may never be patched

Six routers with serious security flaws are considered end of life (EOL) and may never be updated.  The D-Link models affected are the DWR-116, DWR-140L, DWR-512, DWR-640L, DWR-712, DWR-912, DWR-921, and DWR-111, six of which date from 2013, with the DIR-640L first appearing in 2012 and the DWR-111 in ...


Problems with Password Manager Phone Apps

If you use a password manager app on your smartphone, it may be vulnerable to package name spoofing, which would allow the password manager’s autofill feature to enter your login credentials on a spoofed web form.  This vulnerability applies to popular apps from LastPass, Dashlane, Keeper, and 1Password.

I have been an advocate for password managers.  They are part of the solution to creating ...


Exploit Targets Info Tech Support Companies

The holy grail of a cyber-attacker is the ability to achieve remote access to a computer on a network.  It is even better when the attacker can get administrator privileges.  Then they have the ability to do anything they need to do on the compromised computer to cross the network and compromise other computers and servers.  Who has this kind of access already?  ...


Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Potential Hurricane Florence Phishing Scams

09/14/2018 02:19 PM EDT

NCCIC warns users to remain vigilant for malicious cyber activity seeking to exploit interest in Hurricane Florence. Fraudulent emails commonly appear after major natural disasters and often contain links or attachments that direct users to malicious websites. Users should exercise caution in handling any email with a subject line, attachments, ...


Botnet Targets Banks With Phishing Emails

Cyber-criminals are using a botnet to send phishing emails with the apparent purpose of testing a new email attachment type. Over the course of three weeks starting August 10th, this cyber-gang released seven different types of phishing emails to over 3,000 banks around the world. They appear to be testing which of these several approaches is most successful at tricking recipients into opening the email attachment.

The attachment itself is also something different – Microsoft Excel Web Query files that use ...


Two Easy Ways To Breach Company Networks

Bad news – your small business network is easy for an attacker to access, and for most of you there are two or more exploitable attack vectors. A recent report from Positive Technologies analyzed the results of 22 penetration tests on companies from finance, transportation, retail, and even information technology. All of the companies were breached with little difficulty. The two easiest methods of unauthorized network access were not terribly surprising: Wi-Fi networks, and company employees.
