Insider threats: A persistent and widespread problem
In this feature, we take a look at some of the key things you should be aware of to ensure that you are well-equipped to deal with insider threats.
Social Engineering
Just 6% of UK workers trained for phishing attacks, reveals study
Just six percent of British employees have received training in dealing with phishing attacks, a survey has revealed.
Will people always ignore security warnings?
How much of people's willingness to ignore security warnings is down to their brains?
4Chan: destructive hoaxes and the Internet of Not Things
The media have associated a number of destructive hoaxes with 4chan: people need some historical perspective on how the site actually works.
Free iPhone 6 Facebook scam does the rounds, right on time
Facebook scams tend to crop up in the run-up to a big Apple launch with around the same regularity as big Apple launches themselves. This week’s iPhone 6 launch is no exception.
TorrentLocker now targets UK with Royal Mail phishing
Three weeks ago, iSIGHT Partners discovered a new Ransomware encrypting victims’ documents. They dubbed this new threat TorrentLocker. TorrentLocker propagates via spam messages containing a link to a phishing page where the user is asked to download and execute “package tracking information”. In August, only Australians were targeted with fake Australian Post package-tracking page. While
PSN hacked – Network back after cyber attack and bomb threat
Sony’s PlayStation Network was back online and the information of its 53 million users safe, despite a weekend-long cyber attack, and a reported bomb threat which caused the diversion of a flight carrying a Sony executive.
Flight MH370 – did cyber attack steal its secret?
Classified documents relating to the missing Malaysian Airlines Flight MH370 were stolen using a carefully-crafted spear-phishing attack, targeting 30 government officials just one day after it vanished.
Identity fraud: How one email wiped out $300m – and sender walked free
A single email wiped $300 million off the value of an Australian mining company, after an environmental activist, Jonathan Moylan and sent a press release to media organizations.
‘Sextortion’ blackmail attacks on the rise, Police warn
‘Sextortion’ attacks where cybercriminals blackmail victims with the threat of exposing explicit photographs or messages are increasingly common, according to a report by Bloomberg News.
How cybercriminals ‘market’ email attacks – and why LinkedIn lures are today’s prize phish
Cybercriminals ‘manage’ phishing emails using techniques similar to those used by marketing agencies, including the use of ‘test audiences’ to see how effective a particular email is, according to an email security specialist.
Overconfident? Introverted? Study reveals personality traits of “perfect” phishing victims
A new study aims to identify the sort of people who are most likely to fall for phishing scams - and has found that women, introverts and the overconfident are more likely to confuse “real” email with phishing scams.
Social Engineering, Management, and Security
A BYOD dissonance between economic imperative and loss of central control? Discontented staff susceptible to social engineering? David Harley reflects on aspects of Business Reimagined, a new book by Dave Coplin, chief envisioning officer at Microsoft UK, interivewed by Ross McGuinness in Metro.
Twitter blames spear‑phishing for recent hacks – and warns news companies to expect more
Twitter has warned media companies that attacks on their official Twitter accounts are liable to continue, after Britain’s Guardian newspaper became the latest high-profile news site to fall victim.
Hacked CBS Twitter accounts present followers with malware‑tainted “news”
Twitter accounts used by CBS News were compromised on Saturday - and began serving up bogus news stories with links to malware.
Spammers leverage news of a new Pope and other world events
Major world events always bring with them an upsurge in related spam and the election and inauguration of a new Pope is no exception.
Hundreds of thousands of Facebook likes can certainly be wrong
Issues with malware are always with us. There may or may not be a current media storm, or companies hoping for a slice of the anti-malware pie by proclaiming the death of antivirus in a press release, but AV labs continue to slog their way every day through tens of thousands of potentially malicious samples.
Ransomware Part III: another drop of the Irish
Where to find more information about current trends in international ransomware design.
Authentication attacks: Apple, Amazon, iCloud, Google, anything with a password
Sharing details of the hack that “wiped his life” has earned Mat Honan a place in the annals of information system security; the specific inter-dependence of flawed authentication systems that cost him so dearly–encompassing Apple, iCloud, Amazon.com, Gmail and more–would probably still exist if Mat had not gone public. Wired has the full story here
Support scams: social engineering update
More cold-call/support scam information.