A few months ago, we reported on an interesting site called the Chameleon Phishing Page. These websites have the capability to change their background and logo depending on the user’s domain. The phishing site is stored in IPFS (InterPlanetary File System) and after reviewing the URLs used by the attacker, we noticed an increasing number of phishing emails containing IPFS URLs as their payload.
The typical life of a consultant working in the field of governance, risk and compliance is often not deeply technical, but we have to be aware of new technology and the risks it poses; this is very true when it comes to Cloud, and with the massive adoption of Cloud as the vast majority of organizations now use cloud services on some level.
Everyone loves buzz words, no? Red team is the newest (well... not that new) coolest thing on the streets of information security city and many cybersecurity pros want to jump right in and become involved in Red team activities at their company. However, there is more to being a Red team member than just signing up.
One of the lesser-known but extremely important roles the Trustwave Fusion portal, known as the Fusion Security Testing Suite (STS) plays is as a conduit for our clients when running a penetration testing program.
Leadership and teamwork personally and professionally have long been a passion of mine, while we all interpret and digest the concepts differently, I usually find the strongest parallels in team sports. Over the last couple of months there has been no shortage of sport available to watch – tennis, cricket tests, state of origin, rugby (mostly look forward to the seeing the Springboks play) and I guess AFL requires an obligatory mention.
From the outside, it might appear as if Trustwave MailMarshal is a stand-alone solution that on its own is able to effectively defend email systems from a wide variety of phishing, malware, and business email compromise (BEC) attacks. The truth is MailMarshal is backed not only by one of the best trained, most experienced cybersecurity research teams in the industry but also by a technology stack that has been decades in the making.
The Spanish philosopher George Santayana is credited with the aphorism “Those who cannot learn from history are doomed to repeat it.” This statement is particularly true when it comes to cybersecurity. Threat actors reuse well-known and previously patched vulnerabilities and attempt to take advantage of organizations making the same error over and over. So, if one does not know what has recently taken place it leaves you vulnerable to another attack.
There is an underlying constant when it comes to creating a strong defense—the more layers of defense in place, the better. Sure, having a single stout wall in place might be strong enough to deter some attackers, but it is simply not enough to counter a foe determined to gain entry. This holds true whether the defender is a castle, sports team, or an organization.
In the OT space it is increasingly common to see devices that are used to bridge the gap between the world of PLCs and IP based networks. These types of devices are commonly referred to as ‘smart-devices’. While smart-devices offer the convenience of remote management, this functionality also may create potential weaknesses exploitable by threat actors as well, and practical exploitation of such flaws is being witnessed in the wild.
