試す 金 - 無料
PRIME TARGETS
Security Advisor Middle East
|May 2020
WHALE PHISHING OR CEO FRAUD CAN AFFECT ANY TYPE OF COMPANY, FROM SMALL FAMILY BUSINESSES TO LARGE MULTINATIONALS. INDUSTRY EXPERTS SHARE INSIGHTS INTO HOW THIS CYBERATTACK WORKS AND HOW TO PREVENT IT.
-
There are few things better designed to make an employee panic and than an email from the boss marked “urgent”.
With adrenaline levels high, a staff member can easily act rashly by doing as the message asks and paying an invoice. However, sometimes such emails are from criminals attempting to steal money and are not, as they initially appear to be, from a top company executive.
Ryan Trost, co-founder and chief technology officer of the threat intelligence platform ThreatQuotient, encountered these scenarios earlier in his career when he managed a large security operations centre.
“An adversary was masquerading as a senior vice president and sent an email to several employees in our accounts payable department,” explains Trost.
“Although the fictitious email address was a Gmail account, the adversary was able to manipulate the email envelope field and include the VP’s real email address to better camouflage the attack.”
The email included a fake invoice and asked for a wire transfer to be expedited to avoid a steep late fee.
The spearfish was well crafted, being direct and authoritative with proper grammar, and the vice-president’s legitimate email signature. It went to all employees necessary to approve a wire transfer.
What gave the game away was that, at the bottom of the email, the vice president's nickname was not included as it should have been. As Trost puts it, “a minor but obvious nuance.”
“This personal level of detail is usually hard for adversaries to mimic and is commonly overlooked,” he adds.
このストーリーは、Security Advisor Middle East の May 2020 版からのものです。
Magzter GOLD を購読すると、厳選された何千ものプレミアム記事や、9,500 以上の雑誌や新聞にアクセスできます。
すでに購読者ですか? サインイン
Security Advisor Middle East からのその他のストーリー
Security Advisor Middle East
KASPERSKY SHEDS LIGHT ON THE RANSOMWARE ECOSYSTEM
Ransomware is on the tip of everyone’s tongue every time businesses discuss cyber threats they are likely to face in 2021.
3 mins
May 2021
Security Advisor Middle East
GAJSHIELD: ENABLING CONTEXTUAL VISIBILITY FOR OPTIMUM DATA PROTECTION
HARRISON ALBERT, REGIONAL DIRECTOR, D-LINK MIDDLE EAST AND AFRICA, TELLS SECURITY ADVISOR MIDDLE EAST HOW GAJSHIELD’S CONTEXT-BASED APPROACH TO SECURITY HELPS ORGANISATIONS FIND ANOMALIES, REDUCE FALSE ALARM AND PREVENT INTENTIONAL & UNINTENTIONAL DATA EXPLOITATION.
3 mins
May 2021
Security Advisor Middle East
THALES ANNOUNCES NEW SOLUTIONS TO HELP OGANISATIONS DISCOVER, PROTECT AND CONTROL SENSITIVE DATA IN MULTICLOUD ENVIRONMENTS
THALES HAS ANNOUNCED NEW DATA PROTECTION SOLUTIONS FOR GOOGLE CLOUD, MICROSOFT AZURE, AND AMAZON WEB SERVICES, SOLIDIFYING ITS ROLE AS A TRUSTED THIRD PARTY FOR MULTI-CLOUD DATA SECURITY.
3 mins
May 2021
Security Advisor Middle East
RANSOMWARE RECOVERY COST FOR UAE IN 2021 IS $517,961: SOPHOS SURVEY
THE SURVEY POLLED 5,400 IT DECISION MAKERS IN MID-SIZED ORGANISATIONS IN 30 COUNTRIES ACROSS EUROPE, THE AMERICAS, ASIA-PACIFIC & CENTRAL ASIA, THE MIDDLE EAST, AND AFRICA.
5 mins
May 2021
Security Advisor Middle East
OVERCOMING THE CYBER-PANDEMIC
ABHIJIT MAHADIK, DIRECTOR, CYBERSECURITY & INFRASTRUCTURE – UAE & KSA, RAQMIYAT SPEAKS TO SAME ABOUT THE EVOLVING CYBERSECURITY LANDSCAPE, THE THREATS ORGANISATIONS NEED TO WATCH OUT FOR AND HOW THE SECURITY PRIORITIES OF ORGANISATIONS HAVE SHIFTED SINCE THE PANDEMIC LAST YEAR.
4 mins
May 2021
Security Advisor Middle East
FORTINET: MAKING A MARK @ GISEC
ALAIN PENEL, REGIONAL VICE-PRESIDENT, MIDDLE EAST & PAKISTAN AT FORTINET, EXPLAINS WHAT IT MEANS TO BE A PART OF GISEC THIS YEAR AND HOW FORTINET’S CUTTING-EDGE SOLUTIONS CONTINUE TO PROVIDE MAXIMUM PROTECTION AGAINST CYBERTHREATS AND ATTACKS.
4 mins
May 2021
Security Advisor Middle East
ANATOMY OF AN OT ATTACK
MAHER JADALLAH, SENIOR DIRECTOR - MIDDLE EAST & NORTH AFRICA AT TENABLE, DISCUSSES HOW, INSTEAD OF DEFENDING AGAINST AN ATTACK IN PROGRESS, A MORE SUSTAINABLE APPROACH WOULD BE ONE OF PREVENTION – OF ORGANISATIONS DOING A BETTER JOB OF UNDERSTANDING THEIR SYSTEMS, WHERE AND HOW THOSE SYSTEMS MAY BE EXPOSED, AND PRIORITISING THE THINGS THEY NEED TO PROTECT THESE SYSTEMS.
7 mins
May 2021
Security Advisor Middle East
MICRO FOCUS: OFFERING DRAMA-FREE IT WITH OPTIC
TOUFIC DERBASS, MANAGING DIRECTOR MICRO FOCUS MIDDLE EAST & AFRICA, DISCUSSES HOW THE LATEST IT PLATFORM FROM MICRO FOCUS OFFERS UNIFIED INTERFACE AND & EXPANDED INTEGRATION CAPABILITIES.
2 mins
May 2021
Security Advisor Middle East
COPING WITH THE NEW NORMAL
HUSNI HAMMOUD, MANAGING DIRECTOR - ESET ME, BARRACUDA NETWORKS, IVANTI (PART OF MIDIS GROUP), TELLS SECURITY ADVISOR HOW THE CHALLENGES OF THE LAST ONE YEAR HAVE CHANGED THE BUSINESS LANDSCAPE AND HOW ORGANISATIONS ARE NAVIGATING NEW TRENDS.
3 mins
May 2021
Security Advisor Middle East
AN IN-DEPTH DEFENCE STRATEGY
WERNO GEVERS, REGIONAL MANAGER, MIMECAST MIDDLE EAST, DISCUSSES HOW WHEN IT COMES TO EMAIL SECURITY, IT IS NECESSARY FOR SECURITY PROFESSIONALS TO EVOLVE FROM A PERIMETER-BASED DISCIPLINE TO A MORE PERVASIVE ONE.
4 mins
May 2021
Translate
Change font size