SpearPhishing
Latest
Google stats show how much a recovery number prevents phishing
In case you haven't already set up a recovery phone number for your Google account, and enabled extra security features like multifactor authentication, the search giant is using hard data to explain why you should. Interestingly, studies (1)(2) researchers presented this week at The Web Conference found that simply adding a recovery phone number to an account blocked 100 percent of automated attacks, 99 percent of bulk phishing attacks and 66 percent of targeted attacks during the period they investigated. That's why you should take advantage of a tool like the Security Checkup now, while your account is still secure, and get at least that level of protection enabled.
EU approves cyber-attack sanctions ahead of election
The European Union has agreed to an automatic set of sanctions to punish any future cyber attackers. Just a week ahead of the EU Parliament elections, officials in Brussels on Friday approved a cyber sanctions regime that would impose asset freezes and travel bans on individuals. While no specific targets have been named yet, the EU hopes the new system will make it easier for the 28 member nations to act quickly in the event of a cyber attack.
US charges China-based hacking group for massive 2015 Anthem breach
Four years after hackers committed one of the worst data breaches in history, the US Justice Department has charged a "sophisticated China-based hacking group" with the attacks. An indictment released yesterday charges two members of the group, Fuji Wang and another listed as John Doe, with four counts of conspiracy and intentional damage. According to the indictment, Wang and Doe allegedly broke into and stole data from computer networks in four distinct business sectors. The most high-profile hit was the 2015 Anthem breach, in which prosecutors say the hackers stole personal information from nearly 80 million people.
Microsoft: Russian hackers are trying to influence EU elections
The European Elections come at a crucial time for the world, since their outcome could ultimately dictate if peace in Europe can be maintained. That explains why the number of attempts to undermine the process by a hostile nation state (with a name that rhymes with blusher) is intensifying. Microsoft has revealed that it's not just political campaigns that have come under fire, but the broader pillars of the political process.
Chinese spies linked to decade-long hacking campaign
China's long-running hacking efforts may be more extensive than first thought. Security researchers at ProtectWise's 401TRG team have determined that a long series of previously unconnected attacks are actually part of a concerted campaign by Chinese intelligence officials. Nicknamed the Winnti umbrella, the effort has been going on since "at least" 2009 and has struck game companies (like Nexon and Trion) and other tech-driven businesses to compromise political targets.
North Korea hackers steal bitcoin by targeting currency insiders
Bitcoin values are skyrocketing, and North Korea appears to be trying to profit from that virtual gold rush. Secureworks reports that the Lazarus Group (a team linked to the North Korean government) has been conducting a spearphishing campaign against cryptocurrency industry workers in a bid to steal bitcoin. The attacks have tried to trick workers into compromising their computers by including a seemingly innocuous Word file that claims they need to enable editing to see the document. If they fell prey, it installed a rogue macro that quietly loaded a PC-hijacking trojan while staffers were busy looking at the bogus document.
Pros weigh in on phishing the White House
Just before Anthony Scaramucci's 15 minutes -- er, I mean 10 days -- of White House fame were up, a man in the UK (who imaginatively calls himself "Email Prankster") had some choice words with him via email. Nothing weird there you think? Except that he did it while posing as former White House Chief of Staff Reince Priebus. Not that getting "the Mooch's" metaphorical goat was expected to be difficult. Especially after he went ballistic on New Yorker reporter Ryan Lizza for merely mentioning his enemies. No, the remarkable thing was that Scaramucci was one of many the prankster fooled among Trump's totally cyber-savvy and not-chaotic White House cabinet of curiosities.
CNN: Email 'prankster' catfished White House personnel
Ready for another story about political emails? CNN reports tonight that a person described as a "prankster" from the UK emailed several White House officials and successfully fooled them into believing he was a colleague. That included a message claiming to be from senior adviser Jared Kushner to Homeland Security advisor Tom Bossert, which teased out a response from Bossert that included his personal email address. The emailer tweets under the handle SINON_REBORN, where he has posted screenshots of the emails.
After the election, hackers target think tanks with phishing attacks
Now that the election is over, the Russian teams of hackers suspected of breaking into the Democratic Party's systems have reportedly launched a new phishing attack on US political think tanks and non-government organizations. Incident response firm Volexity has compiled information on "The Dukes" (aka APT29 or Cozy Bear) that it believes are behind the attacks. This time around, they worked by posing as a Harvard professor, sending links to Microsoft Office Word or Excel documents that contained a macro used to install a malware downloader on that target's computer. Once installed, it downloads a PNG file that has a backdoor embedded via steganography.
Evidence ties Russia to Podesta and Powell email hacks
Back in March, Hillary Clinton's campaign chairman John Podesta received a frantic-sounding email about his account security and clicked a shortened link that appeared to be from Google. Instead, it redirected to a spoof page that gave hackers access to his password. Half a year later, WikiLeaks started publicly releasing thousands of his emails on October 9th, a month after the seemingly unrelated leak of Gen. Colin Powell's personal messages. Security firms, journalists and a hive of independent researchers have spent the interim analyzing the digital break-ins and have arrived at the probable culprit behind these and several other hacks: Russia. But definitively attributing it to the country's intelligence services is difficult, if not impossible.
Researcher-created Twitter bot phishes two out of three users
Phishing, the malevolent hacker technique of getting hapless folks to click malevolent links, just got a powerful new weapon. Black Hat researchers have created a Twitter bot that reads your tweets and sends you a message catered to your interests — along with a shortened URL leading to hacktown.
