Microsoft has finally admitted that an attack on two of its Twitter accounts and an official blog by a pro-Assad hacking group last weekend also compromised internal emails. The Syrian Electronic Army posted to its Twitter feed several screenshots of emails purportedly belonging to Microsoft employees including Steve Clayton, …
"A social engineering cyberattack method known as phishing resulted in a small number of Microsoft employee social media and email accounts being impacted. "
= Some of our employees are not very bright.
Do you mean their enterprise/domain administrators?
Or, perhaps, their developers...
Yes - and this one should also have a technical education - but moved to sales and marketing... the right kind of people you target with a phishing attack, if you perform that well, they will be perfect "phishes".
It would be intersting to know how the attack was performed - it would be funny if they used some vulnerability for which a patch was available, or if he blindly clicked on an attachment named:
(add more spaces between zip and exe, this site trims them)
Not really - I saw Kevin Mitnick speak recently he said that he (and everyone else in the infosec community) have 100% success rate for pen tests when social engineering is allowed. The systems you put around preventing customer data being compromised is the key.
Phishing?.....I heard that....
Someone phoned from windows claiming that the computers had a virus....
Re: Phishing?.....I heard that....
I love messing with those guys, I try a different approach every time they call, sometimes short, sometimes I'll tie them up for quite some time - I work from home, so it's a nice break and every minute that I'm messing with them is a minute they're not trying to scam someone else.
Need to buy more popcorn ... this new sequel is hilarious ...
Beer coz I got a pint in my hand, it's beer o'clock round 'ere ... ;-)
- Geek's Guide to Britain Kingston's aviation empire: From industry firsts to Airfix heroes
- Analysis Happy 2nd birthday, Windows 8 and Surface: Anatomy of a disaster
- Adobe spies on readers: EVERY DRM page turn leaked to base over SSL
- Lollipop unwrapped: Chromium WebView will update via Google Play
- Ad-borne Cryptowall ransomware is set to claim FRESH VICTIMS