Armour Comms launches industry leading secure Grou... » London: In direct response to customer demand, Armour Communications has announced the availability ... TDSi Supports Education Programme at IFSEC Inter... » Poole: Integrated security manufacturer TDSi will be sponsoring the Tavcom Training Theatre at IFSEC... 'POWER PLAYERS' INITIATIVE OPENS TO ENTRIES » Leading younger people from across the engineering services sector have a new opportunity to be reco... Multitone launches comprehensive EkoCare Communi... » Multitone Electronics plc has announced the launch of its new EkoCare range for healthcare facilitie... Momentum builds as Critical Communications World d... » Critical Communications World (May 16-18, Hong Kong) is the leading and most influential congress an... New initiative shows increasing importance of CSR » A major new survey on corporate social responsibility (CSR) is now open to electrotechnical busine... OF FOOLS OF THE MIDDLE BELT, ONE NORTH AND PASTORA... » SERIES: BUHARISM AND THE FIERCE URGENCY OF NOW A treatise on pastoral jihadism, islamism, arabism a... Commvault partners with Pure Storage » Cisco Live, Melbourne, AU and Tinton Falls, NJ: Commvault has announced the integration of its Commv... OF FOOLS OF THE MIDDLE BELT, ONE NORTH AND PASTOR... » A treatise on pastoral jihadism, islamism, arabism and cultural imperialism in Nigeria (Ephesians ... Where was Aisha Buhari when idiot Kumapayi flagr... » "Clip-clip..clip-clip...Did you not hear when BABA DAURA say women's place is in the kitchen?" ...



In a new blog post from Ronnie Tokazowski, security researcher, PhishMe, a new phishing scam that employs a shortened Google URL and contains a malicious .zip file that leads to a variant of the Cryptowall ransomware, is discussed.


Key takeouts from the post include:

Updated anti-virus should protect you from this threat, right? In this case, it probably won’t since only a fraction of vendors are picking up on this malware at the time of writing.

By following the bitcoin wallet exchanges, we have been able to successfully tie the bitcoin wallet from above to the earlier cryptowall campaign from the beginning of June. One of the wallets they are using, 1Leo, currently contains a staggering 710 transferred bitcoins, or roughly $415,000 USD. However, one thing worth noting is the last transaction to this address was 7/19/2014, more funds are being transferred to other accounts as of 7/31/2014, there are bitcoins (and money) currently not accounted for.

Using shortened URLs allows attackers to exploit human weaknesses in a number of ways. By making it more difficult to view and analyze the underlying URL, shortened URLs are more likely to be clicked by the busy or distracted employee who won’t take the time to analyze the link. Since many phishing emails aim to elicit an emotional response from the recipient by threatening negative consequences, a frazzled employee may also hastily click on a short link. Shortened URLs also take advantage of the fact that many employees simply may not be aware of how to view the destination of a shortened URL.