October 19th, 2011
The information below is an update to the following blog posting: How Will ICANN’s Newest Domain Name Program Affect Your Company’s Brand?
Trademark owners outside of the adult industry may sign up with ICM Registry to block trademarks from showing up on its new .XXX gTLD. Trademark owners have been making several common errors when applying for a .XXX gTLD.[1] If your company plans on submitting an application before the Sunrise B October 28, 2011 deadline, keeping these mistakes in mind can help you avoid paying multiple fees and having to reapply.[2]
Posted in Brand Protection, Domain Names and ICANN, Fraud and ID Theft, General Cyber Intel, Legal, Phishing | Comments Off
September 9th, 2011
Internet Corporation for Assigned Names and Numbers (ICANN) has instituted a new generic top-level domain (gTLD) program that will create a means for prospective registry operators to apply for new gTLDs, and create new options for consumers in the market. Every domain name around the world ends with a top-level domain (TLD); these are the two or more letters that come after the dot following a web address.
Posted in Brand Protection, Domain Names and ICANN, Fraud and ID Theft, Phishing | Comments Off
July 22nd, 2011
A targeted scam or “Spear Phishing” attack making the rounds today invokes the National Security Agency and takes advantage of recent news about a hack of RSA’s two-factor security tokens. Cyveillance has now captured examples and reports of several variants of this email, most sent under the subject lines “Token Code Update” or “Security Token Update”.
Posted in Fraud and ID Theft, General Cyber Intel, Information Protection, Malware, Phishing | Comments Off
June 14th, 2011
If there’s any message you should take away about utilizing social media in a secure manner, it can be summarized in one word: education.
Posted in Appliance, Fraud and ID Theft, General Cyber Intel, Malware, Phishing, Social Media | Comments Off
June 9th, 2011
Here’s a true story I like to tell to explain how wide the social media “generation gap” is. And, no, I’m not making this up:
Two Australian girls, ages 10 and 12, got stuck in a storm drain. To get help, they whipped out their smartphones and posted Facebook status updates to say they were lost in a local drain, and someone needed to call 000 (Australian 911).
Posted in General Cyber Intel, Malware, Phishing, Social Media | Comments Off
June 1st, 2011
In a previous blog, our CTO, Manoj Srivastava, discussed how the methodology of modern cyber crooks has evolved, how adept they are today at exploiting the human instinct to trust.
Posted in Appliance, Information Protection, Malware, Phishing, Social Media | Comments Off
May 26th, 2011
As the CTO of a leading cyber-intelligence company, I’m often asked about the biggest game-changer in IT security today: What’s the latest technique that hackers are deploying to compromise networks with advanced persistent threats (APTs)?
Posted in Appliance, Malware, Phishing, Social Media | Comments Off
April 14th, 2011

The content management system WordPress is a fantastic tool. Its ease of use has helped it become the most popular blogging tool out there. Its most recent version has been downloaded more than 5.7 million times as of this writing.
The popularity of WordPress has made it a very attractive target for cyber attackers. As with most software, security holes are eventually found that allow hackers inside. Once a site is breached, it can be used for many illegal purposes, like distributing malware, hosting phishing attacks, and marketing counterfeit pharmaceuticals. Blog owners need to be ever vigilant to ensure their software, including blog software, is current with all updates that plug security holes.
WordPress developers have been great about patching those holes quickly. Even with the developers on top of vulnerabilities, there are still some steps that should not be tough to implement and should make the web a safer place.
- Please stop advertising the version number in the source code. In 2008 Google’s Matt Cutts made the recommendation to WordPress webmasters to delete the part of the software’s code that advertises which version of the software is being run. This information is used by hackers to determine which attacks might work against a given website. Removing this announcement will make hackers’ work much harder.
- Please email the blog’s owner until they upgrade to the newest version.

In recent years, WordPress began notifying site admins in the tool’s dashboard view with a message saying that a new version of WordPress was available, and offered a link to upgrade immediately. This is very helpful.
But blogs are often abandoned, and their site admins never see this message. Why wait until a webmaster returns? Like a car that beeps when your seat belt is unbuckled, WordPress could email the admin on a regular basis to remind them that they have to upgrade, reducing the number of vulnerable websites online. WordPress already emails site owners when blog comments are awaiting approval, so this should be pretty easy to implement.
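For the first recommendation above, a site owner can check what their own rendered pages still disclose. The following is an added example, not code from the original post or from WordPress: it scans a page's HTML for the `<meta name="generator">` tag and for `?ver=` query strings on core assets under `/wp-includes/`, which WordPress appends by default. The sample pages and the plugin path are constructed for illustration.

```python
import re
from html.parser import HTMLParser

WP_VERSION = re.compile(r"WordPress\s+(\d+(?:\.\d+)+)", re.IGNORECASE)
VER_PARAM = re.compile(r"[?&]ver=(\d+(?:\.\d+)+)")


class VersionLeakAudit(HTMLParser):
    """Records where a rendered page discloses the WordPress core version."""

    def __init__(self):
        super().__init__()
        self.generator = []     # versions announced by <meta name="generator">
        self.core_assets = {}   # core asset URL -> value of its ?ver= parameter

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "meta" and a.get("name", "").lower() == "generator":
            m = WP_VERSION.search(a.get("content", ""))
            if m:
                self.generator.append(m.group(1))
        elif tag in ("script", "link"):
            url = a.get("src") or a.get("href") or ""
            m = VER_PARAM.search(url)
            # Plugin and theme assets carry their own versions; only core paths count.
            if m and "/wp-includes/" in url:
                self.core_assets[url] = m.group(1)


def audit(html):
    """Return (generator versions, core asset versions) found in one page."""
    p = VersionLeakAudit()
    p.feed(html)
    p.close()
    return p.generator, sorted(set(p.core_assets.values()))


# Constructed sample pages (not captured from any real site).
BEFORE = """<html><head>
<meta name="generator" content="WordPress 3.1" />
<link rel="stylesheet" href="/wp-includes/css/admin-bar.css?ver=3.1" />
<script src="/wp-content/plugins/example/gallery.js?ver=1.4.2"></script>
</head><body></body></html>"""

# Same page after the generator tag is removed: the asset query string remains.
AFTER = BEFORE.replace('<meta name="generator" content="WordPress 3.1" />\n', "")

if __name__ == "__main__":
    for label, page in (("before", BEFORE), ("after", AFTER)):
        gen, assets = audit(page)
        print(label, "generator:", gen, "core asset ?ver=:", assets)
```

The second sample shows that deleting the generator tag alone leaves the version visible in asset URLs, so hiding the version complements upgrading and does not replace it.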
Note that out-of-date WordPress installs are not the only pieces of software contributing to web server infections. Shopping cart software, forum software, and photo gallery software all tend to be targeted. WordPress installs are likely more common than all of those, so it would make sense to make its security a priority.
Make no mistake, we love WordPress. We use it on this very site. But there are a couple of steps that would appear to be low-hanging fruit that Matt Mullenweg and the WordPress development crew could take to make an impact on hacked sites on the web.
If you run WordPress and suspect your site’s been hacked, please see this official FAQ from the WordPress team!
Posted in Malware, Phishing | Comments Off
February 17th, 2011
As reported in the upcoming release of the Cyveillance Intelligence Report, overall phishing attack volume declined during the second half of 2010 compared to the first half of the year, averaging over 19,000 confirmed, unique attacks per month. However, the level of sophistication and emphasis on targeted attacks continues to rise. As a result, despite the number of attacks going down, the ability of phishers to be successful has risen significantly as evidenced by the growing number of spear phishing attacks and Advanced Persistent Threats (APTs) reported during the half.

The number of attacks seen monthly is down compared to the first half of the year and could be related to the recent decline in spam, but the overall volume confirms that the problem of phishing is still easily one of the top threats on the Internet. Specifically, the use of more sophisticated and targeted attacks results in greater success and lucrative opportunities for online criminals. A recent story regarding socially-engineered attacks against High Value Targets (HVTs) in the Canadian government provides a great example of the danger this new breed of attack poses to organizations.

Organizations should continue to monitor for suspicious activity related to the attack described in the article above as well as educate their users on the latest threats that plague the Internet. Users can minimize the potential for falling victim to email and Web-based attacks by never clicking on links within emails and only accessing their online applications through known Web sites and pages.
Posted in Fraud and ID Theft, General Cyber Intel, Malware, Phishing, Social Media | Comments Off