CyberheistNews #27



CyberheistNews Vol 1, #27







Editor's Corner



KnowBe4





Email CaaS: Crime as a Service





This time, I'd like to invite you to 15 minutes of video. It's going
to be very interesting, I promise. The speaker is Marc Goodman.
Over the past 20 years, he has built his expertise in cybercrime,
cyber terrorism and critical infrastructure protection working with
organizations such as INTERPOL, the United Nations and NATO. His quick
overview of the current state of cybercrime is timely and up-to-date,
and Marc is specific about the problems you are going to see in 2012,
especially about data theft. For instance, did you know that 85% of
data stolen is stolen by organized crime? Spend these 15 minutes to
see his presentation at the Strata Summit:


http://www.youtube.com/watch?v=6ueKilyThQg&feature=player_embedded





Quotes of the Week









"Imagination is more important than knowledge." - Einstein







"Reality leaves a lot to the imagination." - John Lennon







Please tell your friends about CyberheistNews! They can subscribe here:


http://www.knowbe4.com/about-us/cyberheist-news/









"We Discovered A Serious Human Vulnerability"







"I'm a system administrator and we regularly get users' workstations
infected with malware. Then Microsoft reported that 45% of the infections
are caused by the users being 'social engineered', so we decided to test it
out for ourselves."

"First we did the Email Exposure Check. Out of our 197 users, 87 email
addresses were found on the Internet. Then we did the Phishing Security
Test, and sent these 87 a relatively simple simulated phishing attack,
that could have been sent by any bad guy."

"We were shocked to see that our spam filters and antivirus did not
catch the phishing email, and that 24 of these 87 clicked on the link.
We discovered a serious human vulnerability." -- P.H. System Admin







Find out for yourself how big this human security hole is in your
organization. Fill out this form and you will get the results for free:




http://www.knowbe4.com/eec/











Attackers Pose As Police In New Ransomware Campaign









The DarkReading site had an interesting item. "In a new twist to
ransomware attacks, the bad guys are pushing pop-up warnings posing
as federal law enforcement messages claiming to have discovered illicit
and illegal material on victims' computers -- and the malware locks
down their machines and deletes data unless they pay a fine. Ransomware
is nothing new, but researchers at Microsoft say this latest batch includes
different versions for each country it targets."




http://www.darkreading.com/insider-threat/167801100/security/attacks-breaches/232300884/attackers-pose-as-police-in-new-ransomware-campaign.html












Amnesty International Site Serves Java Exploit







This is how the bad guys operate. They hack reputable sites, and then
put malware on those sites that infects the maximum number of visitors.







Brian Krebs has a story about Amnesty's site in the UK: "Amnesty
International's homepage in the United Kingdom is hacked and is currently
serving malware that exploits a recently-patched vulnerability in Java.
Security experts say the attack may be opportunistic, or it may be part of
a more nefarious scheme to target human rights workers.":


http://krebsonsecurity.com/2011/12/amnesty-international-site-serving-java-exploit/











Feds Indict 55 For Cybercrime Fraud





Federal authorities Friday announced the indictment of 55 people for
participating in a cybercrime fraud ring that relied on insiders to steal
hundreds of people's personal details from a bank and a car dealer, among
other organizations. The stolen information was then used to defraud both
the victims and the organizations at which the insiders worked.

"These insiders used their positions to gain access to client data, and
then sold that data to make money for themselves and their accomplices,"
said Manhattan District Attorney Cyrus R. Vance, Jr., in a statement.
Dark Reading has the story:


http://www.darkreading.com/attacks-and-breaches/feds-indict-55-for-cyber-crime-fraud/d/d-id/1101904














Security Minefield: BYOD Will Bedevil IT Security In 2012





I have talked about this before, and Ellen Messmer over at
InfoWorld has an excellent overview of this problem: "As companies
allow employees to use their personal smartphones and tablets for
business, pressure to protect and manage these devices is growing.

"The rapid adoption of the newest mobile devices -- especially the Apple
iPhone and iPad and the Google Android-based equivalents -- will be a
huge disruptive force in enterprise security next year. Not only will
there be pressure to decide how to protect and manage these devices,
which are growing as malware targets, the complexity of this task is
magnified many times over because companies are allowing employees to
use their own personal smartphones and tablets for business purposes --
what's sometimes called "bring your own device" (BYOD)." Story at:


http://www.infoworld.com/article/2618154/apple-phone/security-minefield--byod-will-bedevil-it-security-in-2012.html











Cyberheist 'FAVE' LINKS:







* This Week's Links We Like. Tips, Hints And Fun Stuff.





'Rollerman' Jean Yves Blondeau swoops down some of the most scenic mountain
roads in the world:


http://www.flixxy.com/rollerman-travels-the-world.htm





Riding on a mountain bike along the Garnitzenklamm gorge in Austria. These
guys are nuts, have a death wish, or both! LOL


http://www.flixxy.com/mountain-bike-riding-austria.htm





The weirdest, wackiest and coolest sci/tech stories of 2011:
http://www.networkworld.com/slideshows/2011/121411-wacky.html?





The Best of 'Damn You, Autocorrect':
http://www.networkworld.com/slideshows/2011/070711-auto-correct.html?





A Google Ad from India, based on a real life story of an artist who used
the web to bring the dying art of 'Tanjore' paintings back to life and
became successful in the process. Interesting:
http://www.flixxy.com/indian-google-ad-based-on-a-real-life-story.htm





The 'Skating King of Pakistan' controls a motorcycle with two strings
while being towed along. Definitely do not try this at home:
http://www.flixxy.com/pakistani-rollerblader-controls-motorcycle-with-strings.htm





High-res time-lapse sequences captured by astronauts aboard the ISS give
us a beautiful view of well-known coastlines and countries around the world:
http://www.flixxy.com/view-from-space-countries-and-coastlines.htm





A group of researchers encounters a pack of wild mountain gorillas near
Uganda’s Bwindi National Park and one lucky human gets groomed by baby
gorillas:
http://www.flixxy.com/wild-gorillas-meet-humans.htm





The 16 Greatest Cities In Human History. This is actually REALLY interesting:
http://www.businessinsider.com/greatest-cities-in-human-history-2011-12





African Bullfrog Plays Video Game:
http://news.yahoo.com/blogs/sideshow/video-african-bullfrog-plays-video-game-175145367.html



