[Previous] AT&T Samsung Galaxy S II lock screen security flaw, and...

 [Next] Wombat Celebrates Cyber Security Awareness Month with Free ......

Some related posts from Technorati and Google.

[EDD Update] EDD Update: Social Media Makes Good Spear Phishing Bait: LinkedIn, Facebook, and Tweeter are used by criminals every day to harvest personal and corporate information that is then used to design and initiate a spear phishing attack against corporate employees. 

[About.com Internet for Beginners] What Is 'Whaling'? Is It Like 'Spear Phishing'?: Yes, whaling is a form of the modern spear-phishing scam. Like any 'phish' attack, the con man is trying to fool the reader into trusting the email so the person will divulge passwords and confidential information. But in the case ...

[New Info Bloger] Surviving 2011, Spear Phishing, The Information Security Attack of ...: Phishing can be the product of several individual attacks, the Epsilon incident involved the theft of a large quantity of email accounts tied to a common firm, typically a bank. It was theorized the information would be sold to phishers and later to spammers.

[fedcyber.com] Mitsubishi Heavy Network Most Likely Compromised by Spear-Phishing ...: There are many possible scenarios as to how Mitsubishi Heavy was infected. The possibilities include an infected computer connecting to the network, an employee’s log-in credentials being leaked, not having enough security measures and employees having access to data they didn’t need, according to Catalin Cosoi, head of the online threats lab at BitDefender.

[The Citizen Lab] Mitsubishi Heavy network most likely compromised by spear-phishing ...: Security researchers suspect that Japanese defense contractor Mitsubishi Heavy Industries was hit by a spear-phishing attack and that the operation bears the marks of the recent Operation Aurora cyber-spying campaign.

[Bob Gourley] Mitsubishi Heavy Network Most Likely Compromised by Spear ...: There are many possible scenarios as to how Mitsubishi Heavy was infected. The possibilities include an infected computer connecting to the network, an employee’s log-in credentials being leaked, not having enough security measures and employees having access to data they didn’t need, according to Catalin Cosoi, head of the online threats lab at BitDefender.

[Word to the Wise] Spear phishing – Word to the Wise: It’s been about a year since people started publicly talking about spear phishing attacks against ESPs and major emailers. There was a lot of energy put into talking about how to protect against future attacks.

[Cyber Security Identity Theft Protection High Tech Internet] Recession Sparks Bank Scam Boom! | Cyber Security Identity Theft ...: Unemployed computer programmers and IT experts are behind the latest surge in cybercrime, identity theft and online scams. These professionals are joining international crime gangs to steal millions of dollars from customer accounts and bank balances. International cyber security firm RSA claims that the global financial crisis is one of the reasons for a spike in this type of crime.

[IconixTruemark's Blog] Iconix Adds Fraud Filtering to SP Guard to Block Spear-Phishing ...: The common thread in these security breaches was spear-phishing emails that allowed malware to gain entry into the systems. Criminals are moving from high volumes of ineffective emails to small numbers of well-crafted highly personalized messages that are indistinguishable from legitimate email.

[Blog Interact Press Releases] KnowBe4 Warns of New Cybercrime Tactic: Spear-Phishing Using ...: Internet Security Awareness Training (ISAT) firm KnowBe4 is warning small and medium enterprises (SMEs) to proceed with caution before clicking any links in alert results, as cyber thieves are now creating bogus articles to lure their victims to infected websites.

[ammasajan's Blog] ammasajan's Blog » Warning:Spear-Phish Attack as web-based ...: PhishMe is also a gentler way of catching employees falling for a phish. Rather than making them feel punk’d, like some social engineering exploits do, it gives them instant feedback: They are redirected to educational messages and information, including a PhishMe educational comic strip and links to their corporate sites for more information.

[Critical Assets - Security and Compliance] Anatomy of a Spear Phishing Attack - Critical Assets - Security and ...: Any respondent was sent to an external website that appeared to require the use of a Java application in order to register for the event.  Though the application was unsigned, several users elected to run it anyway.  Unbeknownst to these employees, execution of the Java application appeared to do nothing at all, but behind the scenes, a “reverse shell” session was made to an external system under control of the attacker.  This session gave the attacker almost total control of a highly privileged developer workstation, and was not detected by internal security controls.  The application was platform-agnostic, and was most effective on OSX and Linux machines - the bulk of the development population.

Reflected tags on Technorati: Blog, Phishing, Global Security Watch