Getting the word out to you about the wide range of phishing emails, and their associated social engineering tricks, that are actually active in the wild is one of the main reasons this blog exists. Many of our clients use this blog as a resource and as a link to the multitude of other sources out there on the web.
Here are two more attacks to be aware of:
A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes – SANS Internet Storm Centre
This is from one of my favourite sources, SANS Internet Storm Diary. This post by Xme illustrates clearly why staff awareness of the problem of malicious email cyber security attacks is so important. The malware examined can bypass many of the current technical defences.
The second comes from a new source, Patrick Schläpfer at HP:
PDF Malware Is Not Yet Dead | HP Wolf Security
I love that title. Do not become complacent: the threat actors will always circle around and use an old attack when they think you have forgotten about it!
The post shows you very clearly the way the malware gets past your defences and into your systems.
Defending against these types of threats requires a cyber security plan for your whole organisation, but there are three specific steps to deal with phishing emails and social engineering attacks:
The best anti-virus that suits your circumstances. It must protect all your assets, including software, hardware and cloud resources, and come from a vendor either recommended to you by a trusted partner or one you are prepared to trust. The AV software should also be monitored and managed on all endpoints.
Training for all the people in your organisation so they can recognise threats that the bad actors get past your technical defences.
Do not run a “blame culture” – that will always help the threat actors and undo any training.
Clive Catton MSc (Cyber Security) – by-line and other articles