phishing

July 8, 2014

SECURITY

Threat Spotlight: “A String of Paerls”, Part 2, Deep Dive

This post has been coauthored by Joel Esler, Craig Williams, Richard Harman, Jaeson Schultz, and Douglas Goddard  In part one of our two part blog series on the “String of Paerls” threat, we showed an attack involving a spearphish message containing an attached malicious Word doc. We also described our methodology in grouping similar samples based on Indicators of Compromise: static and […]

June 30, 2014

SECURITY

Threat Spotlight: A String of ‘Paerls’, Part One

This post was co-authored by Jaeson Schultz, Joel Esler, and Richard Harman.  Update 7-8-14: Part 2 can be found here This is part one in a two-part series due to the sheer amount of data we found on this threat and threat actor. This particular attack was a combined spearphishing and exploit attempt. As we’ve seen in the past, this […]

April 9, 2014

INSIDE CISCO IT

Improving Email at Cisco Part 2 – The Employee Process Side

I’d mentioned earlier (see Improving Email at Cisco Part 1 – The IT Technology Side) that email has its ugly side: Too many Most of them are a waste of time Emails will, occasionally, carry virus payloads (or link you to sites that have worse); and yet I can’t live without it

February 14, 2014

SECURITY

Email Attackers Tune Pitch for Wide Appeal

In recent weeks, the volume of malicious email carrying attachments has increased substantially. To entice recipients into opening those attachments, attackers are employing pitches across a wide range of subjects.  In doing so, they are defeating the often doled out advice to not open attachments in email received unexpectedly. One of the more striking examples […]

December 13, 2013

SECURITY

Big Data in Security – Part V: Anti-Phishing in the Cloud

In the last chapter of our five part Big Data in Security series, expert Data Scientists Brennan Evans and Mahdi Namazifar join me to discuss their work on a cloud anti-phishing solution. Phishing is a well-known historical threat. Essentially, it’s social engineering via email and it continues to be effective and potent. What is TRAC currently doing […]

September 9, 2013

SECURITY

The Phishing Grounds

On August 15, 2013, Brian Krebs featured a screen shot of a fake Outlook webmail login page used by the Syrian Electronic Army in a phishing attack against the Washington Post. If you look carefully at the location bar, you will note that the domain used in the phishing attack is ‘webmail.washpost.site88.net’.