The latest vector in email attacks is credential stealing. This is nothing new, but there has been a serious increase of activity in this space and it is VERY successful. Why? Because they criminals are manning the phishing campaigns with live people who are logging into people’s Internet facing systems without 2-Factor Authentication and sending out more campaigns. Better yet, they are sending it to recent contacts, in small amounts so people are falling for it since they are actively, or have recently communicated with the victim giving the phishing campaign legitimacy.
Michael is a Malware Archaeologist, Blue Team defender, Incident Responder and logoholic. Michael developed several Windows logging cheat sheets to help the security industry understand Windows logging, where to start and what to look for. Michael is co-developer of LOG-MD, a free tool that audits the settings, harvests and reports on malicious Windows log data and malicious system artifacts. Michael is also blogs on HackerHurricane.com on various InfoSec topics. Michael also is co-host of the “Brakeing Down Incident Response” BDIR Podcast to education on Incident Response daily tasks. Michael also ran BSides Texas for five years for the Austin, San Antonio, Dallas and Houston cons.