I discovered some interesting research on phishing conducted by a professor at Friedrich-Alexander University in Germany. Yes, people click links they shouldn’t. No surprise there. But the reason they clicked the link is what makes the research valuable.
Curiosity: A killer of Networks and Cats.
Lawfare disputes “Going Dark”
Lawfare published an article titled “Law Enforcement is accessing locked devices quite well, Thank You!” to dispute law enforcement’s argument that encryption is hampering criminal investigations. Susan Landau provides a pretty fair assessment of the current situation, but some overbroad assertions show her limitations. Access to the tools needed to unlock these devices is very limited, and small agencies just don’t have the budget or access. Most of America is policed by small agencies. Additionally, no tool is accessing a properly configured device. Law enforcement is literally only cracking into the low-hanging fruit.
It’s not if…it’s when!
There are two types of businesses: those that have been compromised and those that are about to be. Well, maybe three - those that have been compromised and don’t even know it! FireEye acknowledging they have been breached proves that literally no computer network is safe from compromise.
And it’s not just private businesses….
The U.S. Department of Treasury was also compromised! Sources close to the event say it was “Russians”. Of course it was…
Congress passes Anti Money Laundering Law
The law is good, but the fact it was bundled into the defense budget bill shows how fragmented government is. Anyways, the new law requires a declaration of “beneficial ownership” so that a company’s true owners are known and registered. This prevents terror groups, drug cartels and arms dealers from using shell companies to move money to support their operations.
Web skimmers are bad and (maybe) you can’t protect yourself!
This ZDNet article is about web skimmers being embedded into a website’s CSS code. It’s an innovative technique that allows attackers to almost completely hide their malicious tools. But the true nugget in this article is when the security expert details that in 65% of the skimming incidents his firm has investigated, the malicious tool was found in the server, not the website. You have no way to protect yourself from that when conducting business through a website.
The Rest…
It is that time again. Yes, Kringlecon! The 2020 SANS Holiday Hack Challenge is now live. Test your skills and save Santa’s network.
Cisco Talos released their third quarter incident response report. And to no surprise…ransomware dominates.
Matt Graeber of Red Canary wrote an excellent, albeit very technical, article The Why, What, and How of Threat Research.
Proofpoint documents BEC: Understanding Supplier Invoicing Fraud
Cool Tool
DNS Twister - checks domains for look-alike phishing sites and typosquatters
Thank you for reading! Please consider subscribing and sharing.