October 10, 2012
Spear Phishing Remains Most Difficult Attack to Defend Against
Spear-phishers, like the ones that compromised a White House network last week, are implementing new evasion tactics, fundamentally changing their attack strategies, and revolutionizing the targeted threat model. One of the newer attack strategies is the relatively recent ‘watering hole’ technique, but the changes also include an increased focus on victim behavior, and the adoption of successful tactics used by other factions of the cybercriminal world, specifically scareware and ransomware.
Infographic via Websense

Spear Phishing Remains Most Difficult Attack to Defend Against

Spear-phishers, like the ones that compromised a White House network last week, are implementing new evasion tactics, fundamentally changing their attack strategies, and revolutionizing the targeted threat model. One of the newer attack strategies is the relatively recent ‘watering hole’ technique, but the changes also include an increased focus on victim behavior, and the adoption of successful tactics used by other factions of the cybercriminal world, specifically scareware and ransomware.

Infographic via Websense

January 18, 2012
A Summary of Facebook Attacks:
Related Threatpost story: Identities, locations, and exploits of the “Koobface Gang’ that has wrought havoc on Facebook for years are well known, but they remain free.

A Summary of Facebook Attacks:

Related Threatpost story: Identities, locations, and exploits of the “Koobface Gang’ that has wrought havoc on Facebook for years are well known, but they remain free.

September 19, 2011
"I can imagine that there are some people out there who will be so intrigued by the illegible message that they will open the archive file and then, out of curiosity, run the .exe file."

— Natalia Zablotskaya discussing the irresistible pull of curiosity that hooks many social engineering victims. (via lennyzeltser)

(via lennyzeltser)

May 3, 2011
Via Securelist:
Screenshot of (largely failing) attempts by scammers to exploit recent news of Osama bin Laden’s death.

Via Securelist:

Screenshot of (largely failing) attempts by scammers to exploit recent news of Osama bin Laden’s death.

Liked posts on Tumblr: More liked posts »