Description

Threat actors are pesky and, once again, they’re up to no good. A new methodology has schemers compromising online forms where users submit their information like their names, email addresses, and, depending on the type of site, some queries relating to their life. This new method indicates that the attackers have figured out a way around the CAPTCHA’s that have been making us all prove we’re not robots by identifying fire hydrants since 1997. And what’s more, we’re not quite sure how they’ve done it.  

In this episode, hosts Natalia Godyla and Nic Fillingham sit down with Microsoft threat analyst, Emily Hacker, to discuss what’s going on behind the scenes as Microsoft begins to dig into this new threat and sort through how best to stop it.  

In This Episode You Will Learn: 

• Why this attack seems to be more effective against specific professionals. 
• Why this new method of attack has a high rate of success. 
• How to better prepare yourself for this method of attack 

Some Questions We Ask: 

• What is the endgame for these attacks?  
• What are we doing to protect against IceID in these attacks? 
• Are we in need of a more advanced replacement for CAPTCHA? 

Resources: 

Emily Hacker

Investigating a Unique ‘Form’ of Email Delivery for IcedID Malware

Microsoft Security Blog

Nic’s LinkedIn

Natalia’s LinkedIn

Related:

Listen to: Afternoon Cyber Tea with Ann Johnson

Listen to: Security Unlocked: CISO Series with Bret Arsenault 

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network. 

Hosted on Acast. See acast.com/privacy for more information.