SANS: Phishing Exploits Are The Top Threat

The SANS institute released the results of  a new survey recently, and found that cybersecurity professionals ranked phishing as the number one exploit this year.  Phishing awareness training programs were seen by many as the best defense against phishing, spearphishing and whaling exploits.  Something that was new this year was the reporting of so-called “malware-less” exploits that use “the built-in features of the operating system to turn it against itself without downloading ...

Continue Reading →
0

Malicious Android Apps Steal Text Messages

Sophos Naked Security alerted us to two Android apps that are included in the Google Play Store as legitimate apps.  This makes these apps particularly dangerous, if you are following our advice to only install apps from legitimate sources.  Once installed, they download a plug-in that harvests your text messages and sends them to a web server.  Since the plug-in is downloaded after ...

Continue Reading →
0

Email Account Hijacking – Part 3 Extending the Exploit

On Monday and Wednesday we looked at email account hijacking, how it happens, and what can happen after the account is controlled by an attacker.  Today we will see how an attacker could use the beachhead they established in your email account to extend their intrusion.

They have already proven that you are susceptible to phishing and other social engineering exploits.  So sending the victim other phishing emails that allow more access ...

Continue Reading →
0

US-CERT Warns About Airline Phishing Scams

What if there was a new phishing scam that had an open rate of 90%.  That’s right, this phishing email is so believable, 90 out of 100 recipients open the the attachment or click on the link without a second thought.

These attacks begin with the scammer researching the target victim.  These targets usually work at companies where there is a lot of air travel. ...

Continue Reading →
0

Security Standards for the Internet of (Insecure) Things?

Everything you can think of and many things you have never dreamed of are being manufactured with little Linux operating systems and wireless Internet connections. Or in simpler terms, a brain, storage, and communications ability. This is the Internet of Things (IoT).  Lots and lots of “smart” devices talking to each other and phoning home to some data collection or dissemination point.  If only the people who are designing these devices, ...

Continue Reading →
0

Malware Turns Smartphone Into Eavesdropper

I read an interesting article on Naked Security the other day about how Hamas had used Facebook and social engineering tactics to trick Israeli soldiers into installing surveillance malware.  The malware allowed Hamas to track the soldiers using the phone’s GPS, and to turn on the microphone and video to actually listen in and and watch their targets.  Hamas undoubtedly picked up the malware ...

Continue Reading →
0

Credential Stealing Malware in PDF Attachments

On Wednesday we talked about a phishing exploit that used malware to provide remote access and steal the personal information of the victims.  Today we continue the story with a similar exploit, called “Fareit” to “ferret out” the user credentials and other personal information the victims.

This exploit uses a phishing email to send the target either a PDF attachment or a Word attachment.  The PDF variant uses Windows Powershell to install.  The ...

Continue Reading →
0

Your Smartphone and Tablet Need Security Too

phone-thiefMobile smart devices have all the capabilities of a laptop or computer.  What this means from a cybersecurity perspective is that they are every bit as vulnerable as a laptop or desktop computer.  The fact that they are small makes them easy for a thief to slip in a pocket or backpack and carry away, along with your personal information, contacts, pictures, geo-location history, and a raft of critical and revealing information.

In ...

Continue Reading →
0

Does Your Computer Have A Malware Infection?

malwareToday we are going to look at the symptoms that your computer may be displaying that are indications of a malware infection.

Visual Symptoms

These are signs that you will see on your computer display, and are the most obvious symptoms.

  • Ransomware  – The last stage of a ransomware or cryptoware infection is the prominent display of instructions on how to pay the attackers to get your decryption key
  • Fake Security Pop-Up – I haven’t ...
Continue Reading →
0
Page 1 of 2 12