Threat Intelligence Blog


Most Popular Blog Posts of 2014

2014 was another remarkable year in information security. In case you’ve missed any articles, here’s a look back at our most popular blog posts of 2014. They cover a wide range of threat intelligence and security topics. Check out what readers have found most interesting, and subscribe to the blog today to make sure you don’t miss any posts in 2015.

1. What is Clickjacking and How Can You Prevent It?

The word “clickjacking” might conjure an image of some dangerous species lurking in the shadows at night in the jungles of an unexplored continent, or perhaps an image of “carjackers” in the urban jungle. In reality, those descriptions aren’t too far off, except that instead of a jungle, we’re talking about the dense and complex network of the web. So, what is clickjacking, and how can you prevent it?

2. Coffee Talk with Krebs: Nine Questions for Brian Krebs

Krebs recently released SpamSPAM: Email or postings containing irrelevant, inappropriate or indiscriminate messages sent to a large number of recipients. LookingGlass Cyber (n) - tons and tons of emails sent out with no relevance to anyone, or anything. Nation: The Inside Story of Organized Cybercrime—From Global Epidemic to Your Front Door. Cyveillance Chief Scientist Caleb Queern recently spoke with Krebs about illegal online pharmacies, open source intelligence, the future of cybercrime, and more.

3. Which Government Websites Host the Most Phishing Attacks?

How common is it to find a phishingPhishing: The use of emails that appear to be from a legitimate, trusted source that are enticed to trick recipients into entering valid credentials including personal information such as passwords or credit card numbers into a fake platform or service. LookingGlass Cyber (n) - tailoring an attack (such as email) to garner trust and credentials that are then used maliciously. The preverbal digital version of the ol' hook and bait. attack on a website administered by a government? To find the answer, we looked at the aforementioned data, which is comprised of all phishing URLs we found from September 2013 through September 2014 – a little more than 72,000 unique domainDomain: A specified location where a set of activity or knowledge exists. For instance, an Internet domain is synonymous with a website address or URL where information can be made available. LookingGlass Cyber (n) - A fancy name for a URL or website. names.

4. Russian Cybercrime and the New Threat Landscape

The era of home-grown, basement hackers is over. In the past five years, Russian hackers have become increasingly organized and sophisticated, and now threaten individuals, organizations, and governments alike. Major crime syndicates have taken over, and the switch from offline crime to cybercrime has only maximized their profits and geographic reach. Criminal activities range from spamming to identity theft, child pornography to credential harvesting, and many other illicit activities.

5. Watch that Pin: Trojans Are Now Using Pinterest

Last summer Trend Micro observed online banking Trojans that were targeting South Korean banks. Now, compromised sites that contain exploit kits are delivering banking Trojans to site visitors. Some of the banks being targeted include Hana Bank, Nonghyup Bank, the Industrial Bank of Korea (IBK), Shinhan Bank, Woori Bank, Kookmin Bank, and the Consumer Finance Service Center. Once a customer has been infected with malwareMalware: A generic term for a software that is designed to disable or otherwise damage computers, networks and computer systems LookingGlass Cyber (n) - another type of cold that can destroy a computer by latching on to destroy other programs. and is redirected to a phishing site that looks like a legitimate banking website, the criminals are able to steal their credentials.


Additional Posts

Cyveillance Weekly Trends Report – January 21, 2015

Welcome to the Cyveillance Weekly Trends Report Since threat intelligence is constantly evolving, ...

Cybersecurity Education: An Interview with Arlington County CISO David Jordan

  We recently interviewed a Virginia government Chief Information Security and Privacy ...