About
RiskPundit

RiskPundit

Opinions about information security from a risk management perspective

Fake YouTube page used to infect soccer fans

11. July 2010 · Comments Off on Fake YouTube page used to infect soccer fans · Categories: blog · Tags: fake web pages, Social Engineering, Zscaler

Zscaler discusses yet another example of blackhats drawing unsuspecting fans to fake web pages containing malware. This time it’s a fake YouTube page designed to attract soccer fans during the World Cup.

I call this type of attack, “inside-out,” in the sense that the attacker draws an insider out to a web-page to initiate the attack rather than using the traditional “outside-in” direct attack method of finding and exploiting a network or application vulnerability. While traditional vulnerability assessments are still important, they do not provide the complete picture of your risks.

This is why we recommend a Next Generation Firewall or a Secure Web Gateway which offers protection from this type of social engineering attack.

Search:

Tweets by @riskpundit

Recent Posts

Evolution of Network Intrusion Detection
Cybersecurity Architecture in Transition to Address Incident Detection and Response
The evolution of SIEM
Jumping to conclusions about the Target breach
Prioritizing Vulnerability Remediation – CVSS vs. Threat Intelligence

Archives

Tags

Apple application security bank fraud botnets breach breaches C&C cloud security Command & Control compliance Damballa DNS Facebook FireEye Firesheep funds transfer fraud Gartner Google Heartland Payment Systems HIPAA identity theft information technology iPhone IT Security IT Security 2.0 Koobface malware Microsoft next-generation firewall Palo Alto Networks PCI DSS phishing Positive Control Model privacy risk Risk management SANS 20 Critical Controls security security management SIEM Social Engineering social networking Stuxnet Web 2.0 Zeus

Meta

Log in
Entries feed
Comments feed
WordPress.org

© 2024 RiskPundit. All rights reserved.

Design by picomol. Powered by WordPress.