As security professionals, we often view our users as a potential liability. I have plenty of first-hand experience that confirms the trope myself. But what if users could become a strength instead of a chronic risk?
BY MIKE SAURBAUGH AND GEOFF SINGER
Visualize Phishing Relationships with PhishMe Intelligence™ and Maltego
Fishing (without the “P”) is not a lot of fun when you just drop a line in the water and hope for the best. When fishermen want to see where the fish are, they look to the fish finder on the bridge to “look underwater” to find schools of fish. Similarly, when an analyst is looking to “catch” a phishing campaign, correlating the attacker’s campaigns and their payloads can benefit by being able to visually graph and link phishing threats. PhishMe Intelligence combined with Maltego can deliver the “phish finder” that an analyst needs.
When considering your organization’s response to a simulated phish, it is critical to understand that we are emulating / practicing for real life events with the purpose of conditioning appropriate response patterns in our user base.
PhishMe has been named a consecutive leader in Gartner’s 2017 Security Awareness Computer-Based Training Magic Quadrant. It’s the second year we’ve been recognized as a leader and positioned highest in “ability to execute.”
Part 4 in a weekly blog series, “How Attackers Target Trust,” running during October, National Cyber Security Awareness Month and European Cyber Security Month.
Over the past decade, mobile phones and social media have become essential to how we ingest news and communicate friends and families.
With it being flu season, no one wants to hear that a new strain of the flu has been discovered. Just as network defenders will not be excited that Locky ransomware has evolved yet again. This time however, threat actors decided to add a darker theme to code.
Part 6 in a series on being “Left of Breach” in the Phishing Kill Chain.
In part 5 we looked at the importance of reporting and associated best practices for implementation and measuring success at both the simulation and program trending level. Now let’s shift the focus from the development of our user base as reporters to a more traditional security skill set of detection, analysis and mitigation of threats.