Incident response is always a cat and mouse game. Organizations spend heavily on people and technology to help protect their enterprise, while threat actors continue to find new and unique ways to bypass those controls. We’ve seen this trend continue over time, whether it be with the shift to MHTML files by Locky or the delivery of malicious PowerPoint show files. The PhishMe intelligence team has noticed another change, this one by the actors who are phishing for login credentials, and their tactics reveal that they are actively working to bypass security controls.
In another highly visible ransomware event, Techcrunch recently reported that Congress was warned about ransomware attacks that were impacting the House of Representatives. While ransomware is by no means new, Congress was warned that these attacks were personalized and are specifically targeting third-party email services such as Yahoo or Gmail. Additionally, Congress was warned that their machine could be encrypted by simply clicking the link within the message.
Reuse of infrastructure supporting malware distribution is a well-documented characteristic of online crime and a key way to track and classify threat actors. While it may seem simplistic for monitoring threat actor activities, the IP addresses, domains, hostnames, and URLs contacted by malware tools betray a significant amount of information about threat actor groups. For some malware attacks, it’s possible to determine the threat actor’s identity based on the infrastructure used, but, other times, the lines are blurred because some organizations harbor cyber criminals.
LEESBURG, VA–(Marketwired – May 17, 2016) – PhishMe Inc., the leading provider of human-phishing defense solutions, today released its May Cybercrime Alert, warning organizations that its threat researchers expect to see a rise in several phishing attack types, including Business Email Compromise (BEC) and Whaling:
You spoke…we listened.
PhishMe CBFree Computer Based Learning modules launched in October 2015 and was extremely well received among users. As an initial launch, we listened heavily to our customer’s feedback and have a new set of modules.
LEESBURG, VA and LONDON, UNITED KINGDOM–(Marketwired – May 12, 2016) – PhishMe Inc., the leading provider of human phishing defense solutions, today confirmed the release of Simulator™ Small Business Edition (SBE) — a scaled version of its market-leading flagship Simulator solution. Built specifically for smaller organizations, Simulator SBE conditions employee security behavior to identify and deflect phishing attacks through proven, immersive education processes. PhishMe also confirmed new updates to their CBFree Modules, PhishMe’s free premium Computer Based Training (CBT) courses designed to deliver compliant, best-in-class security awareness education.
Judging Panel Recognizes PhishMe Co-Founder for Commitment to Leadership and Continued Innovation
LEESBURG, VA — (Marketwired) — 05/10/16 — PhishMe® Inc., the leading provider of human phishing defense solutions, today announced CEO and co-founder Rohyt Belani has been recognized as an EY Entrepreneur Of The Year Mid-Atlantic finalist. The EY awards program, which is celebrating its 30th year, recognizes entrepreneurs who demonstrate excellence and extraordinary success in innovation, financial performance and personal commitment to their businesses and communities.
This week, Recorded Future published another segment in their recent “Threat Intelligence Thought Leadership Series” featuring PhishMe’s Chief Threat Scientist Gary Warner. The article titled Why You Should Launch a Threat Intelligence ‘Hunt’ Team covers a variety of perspectives on threat intelligence, from driving factors in today’s threat intelligence community, actionable intelligence trends and even advice for aspiring threat intelligence analysts on how to navigate today’s information security landscape.
“Cybersecurity: Why are we Failing?” General Session Presentation Among FS-ISAC Annual Summit 2016 Highlights
LEESBURG, VA–(Marketwired – May 2, 2016) – PhishMe® Inc., the pioneer in human phishing defense solutions, today announced that Rohyt Belani, CEO and cofounder, will present at the FS-ISAC Annual Summit 2016 on May 4 in Miami, FL. Belani’s presentation will focus on how military defense tactics can be used to strengthen cybersecurity, with emphasis on the important role effective human intelligence gathering and behavior conditioning plays in defensive programs.