Category Archives: Phishing

Hunt for Deep Panda intensifies in trenches of U.S.-China cyberwar | Reuters

By | June 22, 2015

My piece on what Deep Panda looks like in action: Hunt for Deep Panda intensifies in trenches of U.S.-China cyberwar | Reuters: Security researchers have many names for the hacking group that is one of the suspects for the cyberattack on the U.S. government’s Office of Personnel Management: PinkPanther, KungFu Kittens, Group 72 and, most famously, Deep Panda. But to Jared… Read More »

Reuters: Beyond the Breach

By | February 9, 2015

My piece on disruption in the cybersecurity space. Too many companies and ideas to mention in Reuter-space, but it’s a start.  Thanks to Ian Geohegan, as ever, for his editing touch.   Beyond the breach: cyberattacks force a defense strategy re-think | Reuters (Reuters) – A barrage of damaging cyberattacks is shaking up the security industry, with some… Read More »

Phishy Facebook Emails

By | October 28, 2011

Facebook phishes are getting better. Compare this one: and this: Notice how the key bit, supposedly defining that it’s a legit email, is successfully and convincingly faked: The only difference that stands out is the domain: facebookembody.com. Although Google classified it as spam they didn’t warn that it would go to a website that contains malware. So be… Read More »

Whaling in Singapore?

By | April 17, 2008

Singapore appears to be the source of a virus cleverly designed to hoodwink U.S. executives by appearing to be an emailed subpoena which mentions them by name, as well as their title. The SANS Storm Center said three days ago that We’ve gotten a few reports that some CEOs have received what purports to be a federal subpoena… Read More »

Backed Up? Or Cracked Up?

By | March 10, 2008

There’s quite a commotion online about a program called g-archiver that promises to back up your Gmail account, but in the process apparently harvests all users’ Gmail usernames and passwords, and mails them to a separate Gmail account. This is indeed scary, although it’s possible that the person behind it wasn’t collecting the passwords for nefarious purposes. But… Read More »