Tag Archives: spear phishing

Double Phishing Scam – Daily Security Byte EP. 279

A new double phishing scam is targeting ISPs and pirates. Watch Friday’s video to learn how attackers are tricking ISPs into making their phishing emails look even more legitimate. 

(Episode Runtime: 3:33

Direct YouTube Link: https://www.youtube.com/watch?v=QDY7pRvJ4Bc

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Emergency Java Update – Daily Security Byte EP. 213

Normally, Oracle only releases patches every three months. However, they broke that cycle to release an emergency Java update. Watch today’s video to learn what it fixes,

(Episode Runtime: 1:58)

Direct YouTube Link: https://www.youtube.com/watch?v=u3OjtxHzZFs

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Insider Spear Phishing – Daily Security Byte EP. 212

Usually, we discuss spear phishing as an external attack. However, a recent Department of Justice case proves insiders leverage spear phishing too. Watch today’s video to learn how a former Nuclear Regulatory Committee employee tried to spear phish his ex-coworkers, and how you might avoid such attacks.

(Episode Runtime: 2:33)

Direct YouTube Link: https://www.youtube.com/watch?v=Mh76Bnew7JI

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Two Phishing Breaches – Daily Security Byte EP. 208

This week, two different organization’s in two different industry verticals suffered security incidents that either lost them tons of money, or tons of time. What do they both have in common, and what can we learn from them? Watch today’s video to find out!

(Episode Runtime: 3:26)

Direct YouTube Link: https://www.youtube.com/watch?v=crBB4CU-cTs

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Backdoors and Watering Holes – WSWiR Episode 162

Cyber security has become mainstream. Nowadays, there’s more information security (infosec) stories each week than the average IT professional can keep up with. If you find yourself falling behind, let our daily and weekly videos keep you informed. If you watch my Daily Security Bytes, you can probably skip this weekly summary. However, if you prefer to recap the week in one go, this video is for you.

This week’s episode includes surprising new updates to the Ashley Madison hack, a backdoor in a bunch of consumer routers, and a watering hole attack targeting the EFF. Watch the video below for the scoop, and check out the references section for more.

(Episode Runtime: 8:41)

Direct YouTube Link: https://www.youtube.com/watch?v=DkcT9sFEfWc

Show Note: A couple notes this episode. First, while I posted last week’s summary video to YouTube, I was not able to blog about it due to my early week travel. If you missed it, you can view it here, or just subscribe to my YouTube channel to see my videos right when they come out. 

Also, I will be traveling in Europe all week to attend WatchGuard partner conferences. I will try to post some videos, but I probably won’t get to one every day, and will post them at unusual times. 

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

EFF Watering Hole Attack – Daily Security Byte EP.133

Today, the EFF warned the world that advanced attackers have been using their name in vain. A targeted spear phishing email is linking to a fake version of the EFF site, which forces malware via a recent cross-platform Java exploit. Learn more about this attack and how to protect yourself by watching the video below.

(Episode Runtime: 2:07)

Direct YouTube Link: https://www.youtube.com/watch?v=ZQXOgjC3gTg

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Japanese Pension System Pwned – Daily Security Byte EP.92

If you want to know why spear phishing is a big threat, ask the managers of Japan’s Pension System. They recently had attackers steal 1.25 million records due to a user clicking on the wrong attachment. Watch today’s video to learn more.

 

(Episode Runtime: 2:29)

Direct YouTube Link: https://www.youtube.com/watch?v=jtUGQREjjgU

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

Political Trojans, WordPress 0day, and Tool Fails- WSWiR Episode 150

Another week, another flood of security news. Do you find yourself falling behind of the latest InfoSec news? Than this weekly video should help you catch up.

This week’s video covers the latest on the White House breach, a new security tool that got hacked a day later, and an old trojan that has received some politically-motivated updates. Press play to learn about all that and more; and don’t forget the references to other stories below.

As an aside, I’m experimenting with the timing of this weekly blog post. While I will continue to post the weekly video on Friday, I will schedule this blog post the Monday after. If you’d rather see the video on Friday, be sure to subscribe to the YouTube channel.

(Episode Runtime: 10:12)

Direct YouTube Link: https://www.youtube.com/watch?v=EmIr30YlLDA

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

White House Breach Gets Worse – Daily Security Byte EP.70

We keep learning more about the White House email breach from last year, and the news gets worse and worse. Today we learned the attackers may have had access to more of President Obama’s email correspondence than first suspected. Watch today’s vlog post to for the details, and to learn tips to protect your organization’s email.

 

(Episode Runtime: 3:59)

Direct YouTube Link: https://www.youtube.com/watch?v=ni2xGWmE4yw

EPISODE REFERENCES:

— Corey Nachreiner, CISSP (@SecAdept)

PoS Fail and Browser Side-Channel – WSWiR Episode 149

As if every week wasn’t busy enough with new information security (InfoSec) news, this week was the RSA Conference, which brings with it a whole new batch of security news. If you find yourself struggling to keep up, follow my daily or weekly videos to get a quick summary of the latest relevant news.

This week, I was too busy at the RSA Conference to post my daily videos, but you can still catch some of the week’s news in today’s summary episode. In it, I cover the latest updates about the White House breach, I share some interesting tidbits from an RSA PoS security presentation, and I point out some great new research highlighting a side-channel attack that affect most web browsers. Watch the video for the details, and check out the references for more stories.

As an aside, I will be attending another industry conference next week as well, so I may not be able to post my regular Daily Security Byte. However, I’ll still post a weekly video at the very least. I’ll continue with the Daily Bytes the week following next. Have a great weekend, and stay safe out there.

(Episode Runtime: 7:20)

Direct YouTube Link: https://www.youtube.com/watch?v=gGqDplwMJA4

EPISODE REFERENCES:

EXTRAS:

— Corey Nachreiner, CISSP (@SecAdept)

%d bloggers like this: