[clug] [OT] FireEye on Email Attacks - only 1/3 via attachments, 1 in 6 use malware

Kim Holburn kim at holburn.net
Fri Oct 11 04:59:49 UTC 2019



> On 2019/Oct/11, at 1:06 pm, Robert Edwards via linux <linux at lists.samba.org> wrote:
> 
> On 11/10/19 12:57 pm, steve jenkin via linux wrote:
>> After the recent reveal that ANU was compromised by a well targeted spear phishing attack, I found this infographic ‘illuminating’.
>> While “Microsoft Users” are more heavily targeted and rate of increase in attacks has recently approx doubled each quarter,
>> “not Microsoft” isn’t the defence it once was.

It's probably more browser specific these days but it's not clear from that report if there is phishing directed at non-MS platforms.  Spear phishing and whale phishing are much more targeted and especially from APTs probably take the target's platforms into account.  I would expect quite a lot of targeting of phones as well.

>> FireEye is the company that took over Mandiant, the firm that disclosed the first APT report in 2013.
>> While they sell security services, freely releasing reports and infographics is generous on their part - not something they have to do.

I'm pretty sure FireEye run malware on virtuals to test what they do.  I expect they know what platforms the malware works on.

> FireEye publish (aka publicise, promote) lots of interesting cyber
> security data. I found this page quite illuminating some weeks ago:
> https://www.fireeye.com/current-threats/apt-groups.html

Strangely, none of its APTs are Western Countries or Israel.

> I wonder how accurate it is? (no reason to believe it isn't, but
> then again, we are discussing issues where subterfuge reigns).
> 
> cheers,
> Bob Edwards.
> 
>> ==================
>> The 3 Ts of An Email Attack: TACTICS, TECHNIQUES, TARGETS
>> © 2019 FireEye, Inc.
>> Attackers constantly adapt their tactics, techniques and targets to get past email security defenses.
>> The following trends and data,
>> distilled from 2.2 billion+ emails from April-June 2019,
>> can help you better prepare for attacks by showing you what to expect.
>> <https://content.fireeye.com/one-email/ig-the-3-ts-of-email-attacks>
>> 	86% of email attacks are malwareless
>> 	Malwareless = Impersonation attacks, CEO fraud, spear phishing
>> 	62% URL-based attacks
>> 	38% Attachment-based attack
>> 	181% Increase in Microsoft-based phishing attacks from Q1 to Q2 2019

-- 
Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408  M: +61 404072753
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request 




