CHANTILLY, Va., Nov. 4, 2014 – PhishMe® Inc., the leading provider of security behavior management solutions that develop employees into a layer of human security sensors against spear phishing, malware, and drive-by attacks, today announced that it has been selected as a SINET 16 Innovator for the second consecutive year. As a member of this prestigious group, PhishMe will present its solutions to representatives of the world’s largest industry and government organizations at the SINET Showcase 2014 event on December 4, 2014 at the National Press Club in Washington, D.C. The Security Innovation Network™ (SINET) is an organization focused on advancing cybersecurity innovation through public-private collaboration.
Over the last few days, we have seen two waves of Dyre. The attackers have changed things up a bit and made it harder to analyze. By using memory forensics techniques, we took a peek into their command and control (C2) infrastructure. The #1 rule of memory forensics…everything has to eventually be decoded, and we’re going to use this to our advantage. Here’s a quick look at the waves of emails we received. (Figures 1 and 2)
On October 28th, several of our employees reported a wave of suspicious emails. The most peculiar of the bunch originated from an American university. Here is a screenshot of the phishing email:
Throughout life, there are several things that make me smile. Warm pumpkin pie, a well-placed nyan nyan cat, and most of all – running malware online – never fail to lift my mood. So imagine my surprise to see, after running a malware sample, that the attackers were watching me. Here’s a screenshot of a phishing email we received, which contained a keylogger written in .NET.
With National Cyber Security Awareness Month (NCSAM) upon us, the national spotlight is on best practices to stay safe and protect your data online. Thanks to the support of the National Cyber Security Alliance, Department of Homeland Security, and the White House, the month of October will feature a number of initiatives designed to increase the knowledge base about cyber security issues with the general population and promote DHS’ “Stop. Think. Connect.” program to empower individuals to be safer online. PhishMe is proud to participate by being a 2014 NCSAM champion, and has made a number of resources available to individuals looking to learn more about how to protect themselves from phishing, and to organizations trying to change their users’ behavior with more effective employee security training programs.
Post Updated 9/30/2014
Several months ago, the Internet was brought to a halt when the Heartbleed vulnerability was disclosed. Webservers, devices, and essentially anything running SSL were affected; as a result, attackers were able to collect passwords, free of charge.
With Heartbleed, the exploit made a splash and many attackers started to use the vulnerability. One of the more high-profile attacks of Heartbleed was the CHS attack, where the attackers siphoned 4.5 million patient records by attacking a Juniper device, then hopping onto their VPN.
So how can something be bigger than Heartbleed? I’m glad you asked.