Recent Posts

Recent Blog Posts

The PhishLabs Blog

New MitM attacks, Facebook's ThreatData - The Week in Cybercrime - March 28, 2014

Posted by Stacy Shelley on Mar 28, '14

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

PhishLabs has observed a new wave of "Man-in-the-Middle" (MitM) attacks targeting users of online banking and social media. Customers of more than 70 different financial institutions are being targeted. 

There is a great deal of threat data out there being generated by the good guys. But the data is far from uniform in structure and quality, making it difficult to consume and apply the data in truly meaningful ways to protect users. The good news is that it's a known problem that several groups are trying to address. Earlier this week, the security team at Facebook jumped in with the ThreatData framework for capturing intelligence data, storing it, and applying it to security processes.

Several banks have joined together and are filing suit against Trustwave, who performed Target's PCI QSA audits. It'll be interesting to see how the suit plays out. Breach liability has been a concern for many assessors and they generally have made a lot of effort to reduce exposure in contract language. One of the issues is that QSA audits are not exhaustive in large payment environments and the auditors have to rely on sampling. Which means there's always risk of non-compliance even with a clean audit report... 

Brian Krebs continues to connect dots within the cybercrime underground. This time it's to track down the likely identity of one of the fraudsters behind SSNDOB.ru, which sold stolen sensitive data that was used for ID theft.   

Cybercrime steals a page from Inception. Well, not exactly. The Naked Security team at Sophos found a ID theft spam campaign using an image they were hosting as part of a writup they posted about different spam campaign. Whoops.

 

Topics: The Week in Cybercrime

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Subscribe to Email Updates

Posts by Topic

see all