Cisco Blogs


Cisco Blog > Security

The Phishing Grounds

On August 15, 2013, Brian Krebs featured a screen shot of a fake Outlook webmail login page used by the Syrian Electronic Army in a phishing attack against the Washington Post. If you look carefully at the location bar, you will note that the domain used in the phishing attack is ‘webmail.washpost.site88.net’.

Washington Post Phishing Attack Page

Read More »

Tags: , , ,

Syrian Electronic Army Continues Spree: Cracks New York Times, Twitter and Huffington Post

The Syrian Electronic Army continues to hammer away at media organizations.  This afternoon the Syrian Electronic Army appears to have compromised the registrar Melbourne IT which hosts the domains of notable media organizations like Twitter, The New York Times, and The Huffington Post.

Syrian Electronic Army cracks Melbourne IT Registrar

Read More »

Tags: ,

Crumbling to the Cookiebomb

Recently we have seen a spate of government websites hosting malicious Cookiebomb JavaScript. We have observed URLs with the top level domains such as ‘.gov.uk’, ‘.gov.tr’, ‘.gov.pl’ and the website of a middle eastern embassy in the US become compromised and expose visitors to malware infection. For malicious actors, highly reputable websites are a valuable target to compromise. Politically motivated attackers, such as the Syrian Electronic Army, can use these websites to highlight their cause, to cause embarrassment to an adversary, or to spread malware, possibly as part of a watering hole attack. Profit motivated distributors of malware can use these websites to infect the steady stream of visitors who trust the website and who are unlikely to suspect that it has been compromised.
Read More »

Tags: , , , ,

Syrian Electronic Army Cracks ShareThis.com GoDaddy Account

ShareThis provides a mechanism for web surfers to share content online through a customizable widget.  According to the information on their website, ShareThis interacts with “more than 94% of U.S. Internet users across more than 2 million publisher sites and 120+ social media channels.” On the evening of August 21, 2013, ShareThis reported that their website was experiencing “technical difficulties.” They posted a follow-up tweet the morning of August 22 declaring that the service was functioning properly.  What ShareThis did not disclose however, was that their GoDaddy domain account was compromised by the Syrian Electronic Army.

ShareThis goes down Aug 21ShareThis regains control Aug 22

Read More »

Tags: ,

Cisco Network Threat Defense Training at SecTor 2013

UPDATE:  Due to low registration numbers for our training, Cisco Network Threat Defense, at SecTor 2013 we unfortunately had to cancel our course.  For those who registered, we appreciate your support and look forward to meeting and delivering the training to you at another venue in the near future.

SecTor 2013, the seventh annual security conference in Toronto, Ontario, CA, will be held October 7-9 at the Metro Toronto Convention Centre in downtown Toronto. The conference provides an unmatched opportunity for IT and Security Professionals to learn the latest security research and techniques.   My colleague, Joe Karpenko and I will present Network Threat Defense Hands-on Training on October 7.

Our training will help you learn about securely deploying network services and to detect, classify, and prevent threats targeting a network. You will use Cisco network devices to configure and deploy advanced IPv4 network threat defenses and countermeasures. Once these defenses and countermeasures have been implemented, you will then validate the effectiveness of the defenses and adjust them to changing network conditions and attack profiles. This will help you to verify, measure, and update your defenses for real world threats.

Cisco is a proud sponsor, as well as training provider, and can save you 10% using discount code ‘CISCO-2013′ or ‘CISCO-Expo2013′ for a free expo pass! Registering for the full conference also provides an additional $100 discount towards training courses.

Please join us at SecTor 2013 in October. Register soon for discounted pricing. Please reach out with questions and we look forward to seeing you in Toronto!

Tags: , , ,