Author: tetiana.vashchenko@data443.com

Excel4 Macro Malware Delivers Gozi/Ursnif via a VelvetSweatshop Revival

We have been seeing a surge in Excel malware using Excel4 Macros (XLM) in hidden worksheets. Recently, malicious actors started reviving an age-old technique to further hide the malicious XLM code by leveraging the VelvetSweatshop secret password in Excel workbooks. What is Macro Malware? Macro malware has been a popular

File-less (almost) and Confused

Amidst the crisis the world is going through because of the Covid-19 pandemic, malicious actors continue to take advantage of the situation to lure unsuspecting online consumers into installing malware on their systems. We have recently found reports of malicious PowerPoint slides being sent through email, which are disguised as

Protect Yourself from Evasive Phishing with In-Depth Email Security (Email Security Defense-in-Depth)

Phishing emails and ransomware continue to find their way into inboxes. One might be led to think: email security simply doesn’t work. It is obvious that companies, in trying to protect themselves against today’s sophisticated attacks, are using technology that was originally designed to block spam and malware. End of the

Protect From Evasive Phishing with Email Security Defense-in-Depth

As phishing emails and ransomware continue to find their way into the user inbox, we are led to the following idea — email security is broken. It has become obvious that companies are attempting to defend against today’s sophisticated attacks using technology developed to block spam and detect malware. In

Emotet Malware Still Evolving: New Variants Detected

Emotet malware campaigns continue to evolve. Below we share a breakdown of samples of two new malicious downloader variants that appeared toward the end of January 2020, including lists of IOCs and payload detections for each. To give a sense of timing, you can see in this chart the samples

Top 20 Brands Targeted for Yuletide Phishing

As the final crush is on for Christmas shopping, keep in mind that online retailers and financial sites are still the most popular targets for phishing, according to recent analysis by the Cyren security lab. To learn which brands were the most frequently targeted by phishers, Cyren analysts extracted about

Exploiting CAPTCHA: The Latest Evasive Phishing Tactic

The Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) has been used in commercial applications since the early 2000s. As its name suggests, it is a mechanism for ascertaining that a real human is performing an action at a web site. CAPTCHA is generated by distorting

Suspected BEC Campaign Targeting Banks

In the past week we’ve been receiving reports of different—but seemingly related—email malware campaigns targeting banks in both the US and Europe, specifically in the form of Excel Workbooks containing a malicious macro being sent as an attachment to emails. What’s interesting is that even though the email themes used

Is The Email Security Industry About To Lose Another Major Vendor?

Symantec’s acquisition by Broadcom, announced recently, represents yet another major change for this cyber security vendor and service provider. Given the explicitly stated intention to focus only on the largest 2000 organisations globally, only time will tell what the impact will be on its smaller enterprise and mid-market customers. For

The Rise of “Evasive” Phishing Through Phishing-as-a-Service!

Phishing-as-a-Service provides user-friendly phishing attack tools and even complete campaigns at low prices. Depending on the service level, a full-service subscription costs in the range of 50 to 80 US dollars per month, and realistic phishing web kits are available for download for only 50 US dollars. So far this year, the Cyren research lab has already 5,334 new, unique