Author: tetiana.vashchenko@data443.com

You Should Enlist Your Employees in Threat Detection

Your employees’ instincts are incredibly valuable and can help you crowdsource threats. With Cyren Inbox Security, they’re one click away from flagging an email as suspicious, and telling Cyren to search for lookalike emails in the system. How IDRs leverage user data Though it’s often positioned as the “last line

Covid-19 Exposes a Newly Remote Workforce to More Evasive Phishing Attacks

With the world threatened and preoccupied by Covid-19, cybercriminals are taking advantage of the chaos. In the past month, we’ve seen: A surge in malware using Excel4 Macros (XLM) in hidden worksheets, under the guise of “Important information about CoVid-19” AgentTesla sending an email posing to have an order of

Covid AgentTesla

With the world under threat of the COVID-19 aka corona virus, many cybercriminals are taking this opportunity to blend in the chaos. Here we have an email posing to have an order of masks. An important personal protection equipment that is on a very high demand as of this moment. 

Excel4 Macro Malware Delivers Gozi/Ursnif via a VelvetSweatshop Revival

We have been seeing a surge in Excel malware using Excel4 Macros (XLM) in hidden worksheets. Recently, malicious actors started reviving an age-old technique to further hide the malicious XLM code by leveraging the VelvetSweatshop secret password in Excel workbooks. What is Macro Malware?  Macro malware has been a popular

File-less (almost) and Confused

Amidst the crisis the world is going through because of the Covid-19 pandemic, malicious actors continue to take advantage of the situation to lure unsuspecting online consumers into installing malware into their systems. We have recently found reports of malicious Powerpoint slides being sent through email, which are disguised as

Schützen Sie sich mit tiefgehender E-Mail-Sicherheit (Email Security Defense-in-Depth) vor Evasive Phishing

Phishing-E-Mails und Ransomware finden weiterhin ihren Weg in die Posteingänge. Da könnte einem der Gedanke kommen: E-Mail-Sicherheit funktioniert einfach nicht. Es ist offensichtlich, dass Unternehmen beim Versuch, sich vor den ausgetüftelten Angriffen von heute zu schützen, Technologie einsetzen, die ursprünglich dazu konzipiert war, Spam und Malware zu blockieren. Ende der

Protect From Evasive Phishing with Email Security Defense-in-Depth

As phishing emails and ransomware continue to find their way into the user inbox, we are led to the following idea — email security is broken. It has become obvious that companies are attempting to defend against today’s sophisticated attacks using technology developed to block spam and detect malware. In

Emotet Malware Still Evolving: New Variants Detected

Emotet malware campaigns continue to evolve, below we share a breakdown of samples of two new malicious downloader variants that appeared toward the end of January 2020, including lists of IOCs and payload detections for each. To give a sense of timing, you can see in this chart the samples

Top 20 Brands Targeted for Yuletide Phishing

As the final crush is on for Christmas shopping, keep in mind that online retailers and financial sites are still the most popular targets for phishing, according to recent analysis by the Cyren security lab. To learn which brands were the most frequently targeted by phishers, Cyren analysts extracted about

Exploiting CAPTCHA: The Latest Evasive Phishing Tactic

The Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) has been used in commercial applications since the early 2000s. As its name suggests, it is a mechanism for ascertaining that a real human is performing an action at a web site. CAPTCHA is generated by distorting