Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
New phishing tool, GoIssue, takes email addresses from public GitHub profiles and sends mass phishing messages to GitHub users.
The tool is specifically designed to target GitHub developers. Researchers warn that compromising developers’ credentials opens the gate for source code stealing, supply chain attacks, and network intrusion.
Cyber Luffy, GoIssue’s seller, claims to be a member of GitLoker Team. They pitch GoIssue on dark forums as a multi-task, automated phishing tool that offers a complete package:
- customizable email templates
- proxy networks to preserve anonymity
- automated email address extraction
- token management
For now, there’s no evidence of the tool being used in any attack, but its capability of launching targeted phishing campaigns remains concerning.
Phishing attack prevention measures
Training and warnings against phishing attacks work to some extent. But many people still get tricked into clicking on malicious links embedded in phishing emails. Fatigue, increased similarity with real, legit communication, can make even a company’s CISO fall for phishing.
The consequences are grim:
- Compromised credentials
- Malware deployment
If the attacker targets a work email, the impact goes beyond infecting one personal computer. In case of malware deployment, the infection can spread to a whole network. Or, in case of compromised credentials, hackers can use those for lateral movement and even privilege escalation.
Email security solutions do a great job filtering spam. Still, they’re not bulletproof.
DNS filtering is one of the strongest layers of defense against phishing attempts. It simply blocks malicious communication attempts. Instead of connecting to a harmful page, clicking on a phishing link will only display a ’page not found’ message on the user’s screen. Problem solved; no harm done.
Best DNS security solutions evolved beyond checking blacklists to see if a domain is malicious or not. Tools like Heimdal’s DNS Security module, for example, use machine learning and behavior analysis to predict if a domain is malicious before anyone else reports it as such.
This drastically reduces the chances of success for phishing campaigns, no matter how sophisticated the hackers’ tools get. You can read more about this technology and book a demo here.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, and Youtube.
