We rarely find out the identities of online attackers. As a result, it is often easy to picture attackers as impartial and emotionless devices instead of humans or groups of people. However, attackers often reveal small bits of information about themselves and their personalities in the tactics, techniques, and procedures they select.
Attention incident responders: PhishMe® Submerge is for you.
Submerge 2017, our second annual User Conference and Phishing Defense Summit, offers over a dozen sessions on phishing defense alone. Overall the event will offer 30+ sessions, including another track covering phishing resilience.
The US and UK share a lot of things. History. Political traditions. A language, if one is feeling generous. And now some worrisome phishing data that jumps out of two reports PhishMe® has commissioned, most recently in the UK.
Hunting Phished Endpoints with PhishMe Intelligence™ and Carbon Black® Response
While sipping coffee and reading the morning headlines, the CISO notices a global mass-phishing campaign that took place overnight. Picking up the phone and calling the SOC, the CISO asks; “Are there any computers that may have been infected with ‘X’ that I read about this morning? I need answers before my meeting in an hour”.
Part 3 in a series on being “Left of Breach” in the Phishing Kill Chain.
In part 2 we looked at Self-Enumeration, assessing security and business process gaps that phishing attackers exploit. It’s the first step in being “Left of Breach” (see figure below), the process that builds a proactive phishing defense strategy.
PhishMe IntelligenceTM Integrates with ThreatQuotient’s ThreatQ Platform
Swimming in a sea of threat intelligence indicators and services, security teams have been working towards effective ways to centralize, de-duplicate, and correlate massive amounts of threat data. The challenge, once this is done, is acting on what matters most. This requires intelligence, not just data.
Part 2 in a series on being “Left of Breach” in the Phishing Kill Chain.
In part 1 of this series, we talked about getting front of data breaches by taking proactive steps—everything to the left of the bullseye in the figure shown here: