Cyber Threat Update – 4/27/2015


Last week, our EPIC analyst team identified and stopped a large botnet campaign targeting various sectors, with Consulting Services being the hardest hit. Over 17 million emails strong, this campaign used several unique email identifiers, but all linked back to the German-based website catcut[dot]net, which points toward known Ukrainian spammers.

In the email campaign, the spammer provides a link that directs users to a website containing very suspicious JavaScript code. The code can infect systems running on Windows or Macintosh platforms. The malicious website is also likely to send system information and credentials to the spammer.

This is uniquely dangerous because the site will likely steal your credentials, which can be used as a gateway to future cyber attacks. As always, be very cautious when opening an email from an unknown sender and never click on a link that isn’t from a trusted site.


EdgeWave EPIC provides comprehensive Military Grade cyber security to companies large and small in all sectors, deploying the latest in automated protection backed by 24/7 human analysis, and guarding against Advanced Persistent Threats. EdgeWave monitors networks and customizes security rules for over 6000 clients globally, ensuring compliance and timely reporting. Visit www.edgewave.com to find out how easy it is to secure your network.

EdgeWave named 2015 “Best Messaging Security Solution” by Cyber Defense Magazine

EdgeWave ePrism Email Security recognized as the best in Messaging Security for 2015


Cyber Defense Magazine looks for the most innovative, cutting-edge next generation information security products and services, and they recognized EdgeWave ePrism Email Security as the best in Messaging Security for 2015.  ePrism Email Security combines Military-Grade cyber security with a SaaS cloud platform to protect organizations against the most advanced email-borne threats while also providing comprehensive security policy compliance.

ePrism Email Security is backed by EdgeWave Enhanced Precision Integrated Cyber Capabilities (EPIC), EdgeWave’s unique Military-Grade approach to cyber security.  EdgeWave EPIC fuses battle-tested U.S. Military cyber security veterans with advanced technology to identify attacks, eliminate threats and stop data breaches.  EdgeWave EPIC is led by Mike Walls (CAPT, US Navy ret.), who prior to joining EdgeWave was responsible for U.S. Navy cyber readiness, ensuring the security of over 300 ships, 4,000 aircraft and 400,000 servicemen – the world’s largest intranet.  Additional ePrism Email Security features include inbound & outbound spam filtering, data loss prevention, multiple encryption options, continuity and cloud archiving.

Visit Cyber Defense Magazine’s April issue for full details.

Cyber Threat Update 4/17/2015


 

 Web Threat Update 

EdgeWave EPIC cyber analysts rated 32,167 websites this week. Two websites in particular are very concerning. First, a prom dress website, fittedpromdress[.]com, has the HTML:Scrip-inf Trojan. This Trojan executes a series of commands that collect data from a visitor. Some of the data collected could pertain to their system settings, software versions and configuration, and other items that an attacker can then analyze for a future attack on the individual. What is most concerning about this threat is that the targeted demographic is most likely teenage females.

The second site identified as malicious was universalaccountants[.]com. This site is a legitimate accounting service; however, the webpage contains the HTML:HideMe-F [Trj] Trojan. This virus attempts to modify system settings without permission, and can make changes to the user’s registry. It has been used in the past to steal login credentials and other personal information.

Both of these sites are very dangerous and should NOT be visited. As a second layer of assurance, both sites have been blocked and placed in our malware category.

Email Threat Update

EdgeWave EPIC cyber analysts identified a particularly malicious email campaign targeting the Agriculture and Telecommunications sectors.

Organizations in these sectors were targeted with spam emails attempting to get the recipient to click on links associated with an online college degree program. All of the emails originated from the domain positivelyimpactful[.]org, which was created on April 13, 2015. Scans of the site did not reveal the presence of malware; however, the site is still new, so it is possible that malware has yet to be uploaded. The craftsmanship of the spam demonstrates the use of clickable images rather than text in the email.

This site is likely a reconnaissance and collection scam. The individuals behind it will sell the collected information to other spammers for specific targeting of top-level management at targeted companies in the Agriculture and Telecommunication sectors.



EDGEWAVE UNVEILS MILITARY-GRADE BREACH IDENTIFICATION SERVICE


A fact of the modern connected world is that no organization is immune from a cyber-attack. Even the best security systems do not stop every threat, and successful hacks can go undetected for months, leading to costly data breaches. Unfortunately, IT security experts able to detect and eliminate hacks are expensive and in short supply, while automated security monitoring systems have too many false alerts that waste time and obscure real alarms.

But now EdgeWave gives organizations the last line of defense they need for complete data breach protection. EPIC Security Assurance Service stops data breaches by identifying when you’ve been hacked and providing an immediate response plan to eliminate the threat. Former military cyber security experts watch your network and analyze incidents 24/7/365 to uncover real attacks so you don’t waste time with false alerts.

 


Cyber Threat Update 4/13/2015

 


The Tech & Telecom sectors are critical to our nation’s economy, and the EdgeWave EPIC team is committed to ensuring they remain productive and safe from cyber attack. Last month, EdgeWave EPIC analysts detected and stopped a significant campaign targeting the identities of key executives and decision makers in these sectors. Comprising more than 250,000 articles of spam, this campaign targeted companies with emails directing the user to click on a link to www.linkserv[.]co. The emails were sent from servers in Russia, the Netherlands, and Los Angeles. Although analysis of the site did not reveal the presence of malware, the site is still active and poses a threat to anyone who clicks on the email link.

The craftsmanship of the spam displayed a strong attention to detail, increasing the perception that the spam is a trustworthy email from a reputable company. The email offered membership in a “Who’s Who” of executives and professionals. Depiction below:

[Image: linkserve]

In conclusion, this site is likely a reconnaissance and collection scam. This is uniquely dangerous because your information will be sold to spammers, hackers and other nefarious actors, increasing your chance of becoming a target for cyber criminals. As always, be careful where you enter your personal and professional information, and only trust established, reputable sites.

