💣

ReliaQuest Security Incident

2019 2456 days ago Resolved

Incident Overview

Situation Description

The article discusses various phishing techniques used by attackers and provides recommendations for organizations to protect themselves against these threats in 2019.

Event Types

Malware / Destructive Attack

Industry Sector

nan

Geographic Scope

nan

Response Actions

Conducted Employee Training Hardened Attack Surface Implemented Advanced Authentication

Impact Analysis

Event Types (1 identified)

Malware / Destructive Attack

Financial Impact

$0 USD

Records Affected

Data Types Compromised

Credentials

Primary Impacts

Reputational Damage

Key Decisions Made

Organizations should prioritize implementing the right controls and training policies to protect themselves against phishing.; Limiting information shared online, including on social media, can help reduce phishing risks.; Implementing security measures like SPF, DMARC, and DKIM can make domain spoofing more difficult.

Technical Analysis

Attack Method

Phishing

Vulnerability / Tool

Metasploit Social Engineering Toolkit (SET) XDAN CopySite

Additional Information

Tackling Phishing: The Most Popular Phishing Techniques and What You Can Do About It Abby Thurman 12 December 2018 ReliaQuest Overall, the infosec community has done a relatively good job in securing systems. While a measure of restrained back-patting is called for, we shouldnt forget that social engineering and humans remain the weak link and attackers know this. In this extended blog, well cover a range of the different techniques attackers of all persuasions (whether sophisticated nation state or low-level hacker) choose when performing their phishing campaigns. By looking at details revealed in law enforcement indictments against nation state and organized criminal campaigns, as well as the tips and tools being shared by actors on cybercriminal forums and messaging applications, we can make sure that organizations are prioritizing the right controls and training policies to best protect themselves in 2019 . Harnessing the Power of Social Media Phishing tactics are used widely, from state-level actors to low-level spammers. The indictments issued by the United States Department of Justice (DOJ) in 2018 have underscored how effective phishing can be, even in large network intrusions conducted by suspected nation state actors. One example is the September indictment against a North Korean regime-backed programmer associated with a series of campaigns, including the Sony Pictures Entertainment attack, the Bangladesh bank heist and the WannaCry outbreak. This indictment confirmed that even proficient attackers used a variety of pretexts to convince targets to click on the link in their phishing emails, including masquerading as Facebook or Google official notification emails. As well as approaching victims by email, the attackers also sent messages directly through social media sites such as LinkedIn.*!2oqx3boyVZsyLd4VTSAqAL! * Figure 1: Phishing email impersonating Facebook notification as detailed in September 2018 indictment against a North Korean...

... (truncated for display)

Quick Facts

Company:: ReliaQuest
Date:: 2019
Status:: Resolved
Decision Maker:: nan
Position:: nan
Published:: 12/12/2018

Source Information

Original Query

DOJ indictment details for Scattered Spider members and tactics

View Original Source

Timeline

Information Published

12/12/2018

Incident Occurred

2019 (2456 days ago)

Status: Resolved

Estimated resolution based on age

Actions

View Company Profile

Navigation

Quick Stats