5 Email Campaigns Evading In-Market Security Solutions

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7
Next 5 Email Campaigns Evading In-Market Security Solutions-4 Next

Witness Campaign

In this campaign, attackers attempted to compromise systems by installing malicious code that belongs to the Pony malware family. Their goal was to steal credentials and install a backdoor to establish a more persistent presence on the endpoint. The Witness campaign, a name inspired by its accompanying email attachment (witness_supboena.doc), was the largest campaign with respect to the number of malicious emails sent. Lasting over two days, it was sent to 335 employees at a single enterprise.

In an attempt to socially engineer employees, the attackers used the name of the company in the subject lines of the email followed by the string "witness subpoena." For those who opened the attachment, malware from the Pony family was automatically downloaded onto systems.

Email is still the primary attack vector for many cybercriminals. In addition to malicious attachments and URLs, credential phishing is also on the rise and placing everyday users at the root of the attack. Why? Cybercriminals are using advanced attack methods that are consistently evading traditional detection tools. As such, organizations are beginning to realize that these advanced attacks can only be detected through multi-dimensional behavioral analytics that operate on diverse data sources and use a full spectrum of machine learning techniques.

Over a two-month period, security analytics firm Niara worked with customers to analyze email traffic and found a number of malicious email campaigns that sophisticated attackers were using to circumvent traditional defenses in order to gain a foothold within the enterprise and steal sensitive information. This slideshow presents five of the malicious email campaigns detected. Niara has also identified the tools, techniques and procedures used in each, which can be used to determine if your organization has been targeted by any of these campaigns.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

BitSightRansomware0x Ransomware: The Rising Face of Cybercrime

Ransomware is a legitimate threat, with estimates from the U.S. Department of Justice showing that over 4,000 of these attacks have occurred every day since the beginning of the year. ...  More >>

Security121-190x128 5 Ways CFOs Can Implement an Effective Cybersecurity Strategy

While cybersecurity concerns are widespread, finance remains one of the most vulnerable areas for malicious attacks. ...  More >>

infra100-190x128 Top 10 Strategic Technology Trends for 2017

Here are the top 10 strategic technology trends that will impact most organizations in 2017. Strategic technology trends are defined as those with substantial disruptive potential or those reaching the tipping point over the next five years. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.