Today I joined Menlo Security and the reason is simple: After spending more than a decade in the security industry, it’s become clear that detection-based security technologies are losing the war against cyber attacks. By joining Menlo Security I’ll be able to help organisations to end attacks delivered via Web and email and push the major fronts of the cyber war back outside of their enterprises.
Dubbed "Operation Pawn Storm," this series of attacks targets military officials as well as various defense contractors. This campaign follows a common playbook (see Rombertik - Rise of Self Aware Malware) of infecting a Website (or typosquatted domain), making it a phishing site, then targeting a small group of users - in this case NATO & US defense organization personnel - with spear-phishing emails. Hackers then deliver malware through legitimate Websites using malicious iframes injected into them. Check out Trend Micro's analysis from 2014 on Operation Pawn Storm for more details.