In the last 24 hours, the Barracuda advanced security team has observed about 20 million attempts at a ransomware attack through an email attachment “Payment_201708-6165.7z.” Here is a screenshot of the email with the addresses redacted:
In this Barracuda Research post, we examine a recent attack against an organization that had no spear phishing protection in place. This incident demonstrates the dangers of using unauthenticated email for financial transactions.
The PC used by the controller at the company was infected with malware that echoed a copy of every email he received to an email address at a “free email” domain.
The thief at this unauthorized email account watched the controller’s emails for a short period of time before acting on them. Soon, there was an email concerning a transaction that was big enough to tempt the thief to strike.
NotPetya, or Netya, appeared to be Petya ransomware when the first attack was reported on June 27. Throughout the next few hours, it became clear to the security industry that malware was not the version of Petya that had been observed in 2016. This new attack was termed Petya.A, and is referred to here as NotPetya.
NotPetya was spread through malicious email attachments and compromised MEDocs software. In this blog post we will take you through our investigation into the email threat.
Countless individuals and organizations have unwittingly wired money, sent W2s, and emailed credentials to cyber criminals who were impersonating their boss, colleague, or a trusted customer. Spear phishing attacks can have devastating results for individuals, businesses, and brands, and unfortunately, they work because they are so simple and believable. A successful attack doesn’t require advanced hacking techniques, but rather gathering information about you that’s already posted online and spending five minutes to write a well-crafted email. The attackers can pick up information about their targets from a variety of sources: whether it’s posted on LinkedIn, Facebook, or on the company blog.
Spear phishing is something we’ve become very familiar with at Barracuda, as we have over a decade-long history of studying email-borne threats and the overall cyber threat landscape. Over the last year, we have spent a lot of time researching and analyzing highly-personalized spear phishing attacks.
This led us to build Barracuda Sentinel — the first comprehensive AI solution for real-time spear phishing and cyber fraud defense. In this month’s Threat Spotlight, we take a look at two recent spear phishing attacks that were caught by Barracuda Sentinel, and demonstrate how simple these attacks are to orchestrate.
Asaf Cidon is vice president of content security services at Barracuda Networks. In this role, he is one of the leaders for Barracuda Sentinel, the company's AI solution for real-time spear phishing and cyber fraud defense. Barracuda Sentinel utilizes artificial intelligence to learn the unique communications patterns inside customer organizations to identify anomalies and guard against these personalized attacks. Asaf was previously CEO and co-founder of Sookasa, a cloud storage security startup that was acquired by Barracuda. Prior to that, he completed his PhD at Stanford, where his research focused on cloud storage reliability and performance. He also worked at Google’s web search engineering team. Asaf holds a PhD and MS in Electrical Engineering from Stanford, and BSc in Computer Engineering from the Technion.
Despite the ubiquity of file sharing services like OneDrive and Google Docs, many information workers are still using email to share documents and other files. Radicati reports that the number of business emails sent and received per day will reach 116.4 billion by the end of 2016, and a good number of them will include an attachment. Regardless of the potential version conflicts and security risks, email remains a fast and convenient way for users to review and collaborate on a document.
Because of the huge volume of documents that are shared via email each day, antivirus (AV) technologies around the world are constantly evaluating email attachments for potentially malicious files. Last week the threat detection community ran into a problem when a public domain AV signature provider wrongfully categorized all Microsoft .doc files as a virus. This led to a large number of legitimate Microsoft Word documents to be blocked from transmission when they encountered an AV layer.
As we mentioned a few days ago, we'll be at the AWS Summit in New York this week to talk about how Barracuda is helping customers securely move their applications and workloads into the public cloud. We'll also be talking about our participation in the Amazon Partner Network and our Barracuda Web Application Firewall (WAF) AWS Security Competency, which we achieved earlier this year.
The AWS Partner Competency Program showcases AWS partners who have demonstrated expertise in specific solution areas. What does the Barracuda WAF AWS Security Competency mean to you?
Christine Barry is Senior Chief Blogger and Social Media Manager at Barracuda. In this role, she helps bring Barracuda stories to life and facilitate communication between the public and Barracuda internal teams. Prior to joining Barracuda, Christine was a field engineer and project manager for K12 and SMB clients for over 15 years. She holds several technology credentials, a Bachelor of Arts, and a Master of Business Administration. She is a graduate of the University of Michigan.
We've had no shortage of “Brexit” related economic news since the United Kingdom voted to leave the European Union on June 23 of this year. Take a look at these recent headlines:
- Brexit’s Toll Starts to Show in Prices of Consumer Goods
- Business confidence falls after Brexit vote
- Survey warns on slowdown to Northern Ireland economy after Brexit vote
- UK consumers keep spending despite Brexit vote shock
- British buyouts dive 95% after Brexit vote — and slump is hitting Europe, too
And more importantly for our topic today:
- 1 million-plus more homeowners can benefit from refi post-Brexit
- The future of mortgage rates in a post-Brexit world – Up, up and away
- Brexit has not had a major impact on U.S. mortgage rates, so far
- Mortgage rates sink to three-year low, thanks largely to Brexit
With headlines like these, is it any wonder that there is so much confusion surrounding Brexit related economic issues and mortgage rates?
There's a new attempt at an old phishing attack running on Facebook today. The attack appears to target business pages on Facebook by posing as a Facebook compliance message. Here's a screenshot of the attack, which we received in our notifications panel on Facebook: