A targeted campaign to collect Gmail passwords from senior US government officials and military personnel is showing no signs of letting up more than two months after Google first warned it had already snared hundreds of victims. According to independent security researcher Mila Parkour, the same attackers sent a new round of …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Thursday 11th August 2011 20:00 GMT joe.user

Ever heard of two factor authentication? TURN IT ON

No excuses anymore. Gmail has done their job, now do yours.

2 0
Thursday 11th August 2011 20:00 GMT Version 1.0

Old news

I've been deleting these things from our mail servers quarantine folder for quite a while now. Recently they seem to have switched from .PDF attachments to .XLS attachments and they are mostly coming from .cn addresses..

The volume comes and goes - we kill these things before parsing the messages through AV so I've no idea whether or not they would get caught at the final line of defense.

0 1
Friday 12th August 2011 08:28 GMT Anonymous Coward

Two-factor Authentication...

...works for me. (Watson's still studying the matter.) And that is all. 0{:-)o<

0 0
Friday 12th August 2011 12:47 GMT Matt Bryant

"....someone using IP addresses belonging to the Tor anonymity service...."

Tor? Oooh, musta been one of those "Web libertarians" then, they're only doing it for the good, or the lulz, or whatever. Couldn't possibly be for eeehvul.....

0 3
Friday 12th August 2011 15:30 GMT Anonymous Coward

Oooh! This just gives me the warm fuzzies about

our agency switching over to them for unified messaging and document services by the end of the year. Especially since we're already rumored to be the playground where they teach the young recruits how to hack before sending them on to the tough stuff.

0 0
Saturday 13th August 2011 00:02 GMT Glenn Charles

and no one but no one is invulnerable

An easy password in a game (worse, a SHARED one) can make everything vulnerable. Someone that plays in a group I head (in the game)...did just that. Vulnerability is much more human than software oriented and always will be. To make it shorter, don't trust. Four letter word, ya know.

0 0