A Hacktivist, Phisherman and Average Joe Walk into a Bar…

By Limor S. Kessem, Cybercrime and Online Fraud Communications Specialist, RSA Although the title of this blog may call to mind the first line of quite a number of old jokes, it appears that hacktivists, phishers and the everyday Internet user have enough in common to raise concerns of financial fraud, especially in light of…

The Biggest Online Attack in the History of the Internet??

…And they did it, they managed to slow down the internet. Next thing you know, they will break it! I am referring to what’s been called “the largest publicly announced online attack in the history of the Internet.” And this week we read about the suspect; a 35-year old guy from Netherlands who was arrested in Spain (The Netherlands Public Prosecutor Service press release in Dutch).

Where has the £650 million gone?

The UK government has identified cyber security as a key area of focus and new investment and in 2011 announced a budget of £650 million to shore up defenses in the UK. So after two years, let’s examine how it’s been spent.

Zeus FaaS Comes to a Social Network Near You

A recent discovery by RSA researchers shows a new FaaS offering that is being marketed directly via a popular social network. The sale item: a customized botnet panel programmed to work with the Zeus Trojan – both reworked by what appears to be an Indonesian-speaking malware developer.

Beyond having compiled a working Zeus Trojan kit, the developer customized an attractive control panel for the admin (basic and familiar in functionality, and taken from previous Zeus versions), the developer and his team created a demo website for potential buyers – which they have no qualms about sharing publicly, and best of all—a Facebook page with frequent updates and information about botnets, exploits, cybercrime, and their own product (Zeus v

Cybercriminals & Big Data Analytics

Big Data is the buzzword making headlines today. From improving medical diagnosis and treatment to energy conservation, businesses around the world are using Big Data analytics to transform the data they store into actionable information. Even here at RSA/EMC, we are working to leverage Big Data analytics to improve the way our customers detect and respond to threats. You can be sure that if legitimate businesses are using the latest and greatest technology, cybercriminals are too!

Common Indicators Used to Find Evil

Based on the last few Incident Response engagements I’ve participated in, the most common question I’ve heard is “what are the common indicators you are using to find evil?” This is not a question that has a simple answer. In this blog post, I’ll examine a Blackhole exploit kit session and discuss the various network indicators that analysts should be looking for when identifying host exploitation and associated binaries. The intent here is not to pick apart malware or de-obfuscate JavaScript, but to show how asking simple questions about your network traffic can reveal the bad stuff being missed by your other security products.


Tales from the Darkside: Another Mule Recruitment Site

The underground economy is a complex world with criminal organizations that specialize in each element of making it run. While Money Mules may just be a portion of this economy, they are crucial to its success. Without mules, cybercriminals have no safe way to move money and product. There are 2 basic types of mules when it comes to cybercrime. You have money mules, which help to move money, and reshipping mules, which help to move stolen goods. Mule recruiters, another portion of this economy, specialize in finding individuals or small businesses that will help them move funds or product. In most cases, these mules are unwitting accomplices to the crime.

Phishing in Season: Tax Time Malware, Phishing and Fraud

As phishers will have it, phishing attacks are quite the seasonal trend. It seems that every April, right after a slow first quarter, fraudsters awaken and get back to working on vast spam campaigns that ride the tides of tax-filing season. This time of year brings a few flavors of spam into the mailboxes of online users, including malware attachments purporting to be tax statements, tax authority-themed phishing, and online tax filing scams. In this special highlight, we will cover the main types of online threats that star during the tax filing season, most of which are already rampant in the wild.

Workplace Security: Are You the Weakest Link?

As an employee at some company somewhere, you are probably putting your organization at risk every day – and you don’t even know it. Do you re-use the same password to login to multiple accounts? Are you visiting social networking sites and planning your upcoming summer vacation while at work? Have you ever logged in to check your work email from unsecured wireless hotspots? These are just some of the activities employees around the world do every day that seem relatively harmless, but could be putting their company at risk.