Federal Friday - 5.30.14 - Social Engineering from the Middle East

Blog Post created by jschim Employee on May 30, 2014

Happy Friday, Federal friends. You can tell it's almost Summah up here because it's been 50 and raining this week.


So an interesting piece of news from an article on DarkReading this week regarding an ongoing campaign targeting government officials and contractors of both the US and Israel. This is a mash-up of social engineering techniques from phishing to social network spoofing. The campaign, titled Newscaster, had the threat actors posing as legitimate members of the media who created fake LinkedIn, Facebook, Twitter, and YouTube accounts to validate their ruse. The malware used was rather basic, but the deceptive nature of creating these fake profiles and corresponding websites increased the sophistication level of the attack. This is something to take note of? Ajax spent most of their time in creating slick social engineering tools, and less time on malware. They also got creative in how they attacked their targets by focusing on their friends and family within the Social Networks they were using for the campaign. While the technology behind the attacks was basic, these tools and tactics were creative enough to ensnare 2,000 people in their trap.


There is some silver lining out there, and it comes in the form of a Penetration Test. GCN had a nice piece this week from the Director of the Cyber Attack Prevention Division at Knowledge Consulting Group (KCG). He points out 6 vulnerabilities, both electronic and human, that a penetration test can highlight within your Network. While the  6 steps listed below won't stop every attack, discovering them in your network and addressing your defined gaps is a tremendous way to immediately improve your security posture.


  1. Pass-the-hash
  2. Password reuse
  3. Patch management
  4. Unsupported legacy software
  5. Insecure in-house developed applications
  6. User awareness


Stay vigilant.


Michael Dudikoff is ready, are you?