SANS: Phishing Exploits Are The Top Threat

The SANS institute released the results of  a new survey recently, and found that cybersecurity professionals ranked phishing as the number one exploit this year.  Phishing awareness training programs were seen by many as the best defense against phishing, spearphishing and whaling exploits.  Something that was new this year was the reporting of so-called “malware-less” exploits that use “the built-in features of the operating system to turn it against itself without downloading ...

Continue Reading →
0

Email Account Hijacking – Part 3 Extending the Exploit

On Monday and Wednesday we looked at email account hijacking, how it happens, and what can happen after the account is controlled by an attacker.  Today we will see how an attacker could use the beachhead they established in your email account to extend their intrusion.

They have already proven that you are susceptible to phishing and other social engineering exploits.  So sending the victim other phishing emails that allow more access ...

Continue Reading →
0

What Can I Do With A Hijacked Email Account? Part 2

On Monday we opened this discussion about hijacked email accounts, and showed some examples of the phishing tricks that attackers use to get you to reveal your email password.  Today we will explore the many useful and profitable exploits that a compromised email account offers a cyber-criminal or other attacker.

I consider email account compromise to be one of the most personally harmful cyber-exploits.  When another person has access to your email ...

Continue Reading →
0

New PowerPoint Exploit Launches on Hover

A new exploit that uses a PowerPoint feature that enables “mouse-over actions.”  This feature allows a PowerPoint slide show to initiate activity without having to actually click on a link.  Just hovering on a link is enough to advance to the next step.  Since we have been teaching people for years to reveal a link destination by hovering over a link to show the top tip box, this exploit would take ...

Continue Reading →
0

US-CERT Warns About Airline Phishing Scams

What if there was a new phishing scam that had an open rate of 90%.  That’s right, this phishing email is so believable, 90 out of 100 recipients open the the attachment or click on the link without a second thought.

These attacks begin with the scammer researching the target victim.  These targets usually work at companies where there is a lot of air travel. ...

Continue Reading →
0

EyePyramid – Data Stealing Trojan Horse

I read a story in Naked Security recently that reported the arrest of a couple of Italian cyber-criminals who have been stealing personal information from Italian mayors, prime ministers, cardinals, and other notables since 2010.   They used a phishing exploit to install a Trojan Horse/keylogger called EyePyramid.  There were a couple of things that caught my eye.

The first is the sheer volume of data stolen – 87 gigabytes!  This information was ...

Continue Reading →
0

US-CERT Warns Against Phishing and Social Engineering Exploits

US-CERTWe continue to hear from security researchers and professionals that an astonishing 95% of all exploits begin with someone opening an attachment or clicking a link on a phishing email.  I have a client where two different employees opened the attachment on an email from “FedEx” and became infected with crypto-malware.  These incidents happened nearly a week apart, and you think that the second ...

Continue Reading →
0

Does Your Computer Have A Malware Infection? – Part 2

malwareOn Wednesday we looked at the obvious, visual symptoms of a malware infection.  Today we will explore some changes in performance that can indicate that your computer is infected.

Performance Symptoms

Most malware writers are NOT interested in giving you easy visual clues, but the malware will create additional activity on your system that can tip you off to an infection.

  • Constantly Flashing Hard Drive Light – If the hard drive activity light is constantly ...
Continue Reading →
0

Does Your Computer Have A Malware Infection?

malwareToday we are going to look at the symptoms that your computer may be displaying that are indications of a malware infection.

Visual Symptoms

These are signs that you will see on your computer display, and are the most obvious symptoms.

  • Ransomware  – The last stage of a ransomware or cryptoware infection is the prominent display of instructions on how to pay the attackers to get your decryption key
  • Fake Security Pop-Up – I haven’t ...
Continue Reading →
0
Page 1 of 3 123