Threat Level: green Handler on Duty: Russell Eubanks

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Looking for some emails

Published: 2016-12-25
Last Updated: 2016-12-25 23:04:19 UTC
by Mark Hofman (Version: 1)
4 comment(s)

I am looking for some phishing emails that are using as part of their URL  <something>-my.sharepoint.com/personal/<something>

If have received one of these please send it through to markh.isc at gmail.com  or upload it using the contact form.  

Regards

Mark H

Keywords:
4 comment(s)

Time for some predictions

Published: 2016-12-25
Last Updated: 2016-12-25 22:59:45 UTC
by Mark Hofman (Version: 1)
0 comment(s)

As the year winds down it is time to have a look at the past and make some predictions for the future.  This year saw some large breaches disclosed. Not necessarily perpetrated this year, but made public this year.  We saw IoT devices used in large DDOS attacks as well as some changes in phishing practices, designed for mobile devices and the quick reader.

If anything this year showed us that large organisations get their security wrong, as do smaller ones, as do governments.  Still plenty of work to do for us all.  I think the one surprise to many was the effectiveness of IoT devices as an attack tool.  Hopefully the phrase "nobody would ever try and use our device to do that" will not come up in new product briefings when deciding to leave default passwords or use a 10+ old network stack. In the mean time security researchers are loving the ability to expense all kinds of network connected devices.

So, what will 2017 bring us?  More IoT, that's for sure.  Based on the changes in some phishing techniques, those may become a little bit more effective (more on that in a later diary).  However what else are people seeing in the future of IT security in 2017.  Let us know your predictions.  

Enjoy the holiday period and a safe 2017.

Cheers

Mark H  

Keywords:
0 comment(s)
Diary Archives