Author: tetiana.vashchenko@data443.com

Companion Ransomware — 2-for-1 Malware Distribution

As reported in February, Cerber and other ransomware groups are now offering Ransomware-as-a-Service, giving affiliates/partners a percentage of the collected ransom. In a new sort of “two-for-one” malware service deal, Cyren has detected variants of the Kovter click-fraud malware being distributed with “companion” Cerber ransomware by the Kovter malware team.

IT Security Survey in the UK – 75% Hacked in Past Year

Cyren teamed with Osterman Research to do extensive interviews of IT and security professionals at over 100 small and mid-sized enterprises (SME) in the United Kingdom last month, and the resulting report, IT Security in the UK: 2017 Business Survey, is now available for free download. A summary overview of

Global Copycats iPhishing Lost iPhones

In a post last month, Brian Krebs related the case of an iPhone user in Brazil who, in attempting to recover their phone, suffered a rather insidious phishing attempt. We also had received an almost identical firsthand account — from someone in Israel. A modest web search immediately turns up

Krebs Exposed IoT Botnet Mastermind — Think That’s the End?

For several years, cybersecurity professionals have been predicting an impending malware onslaught originating from Internet of Things (IoT) devices—“smart” everyday household items that can connect to the Internet, such as refrigerators, WiFi routers, DVRs, baby monitors, security cameras, thermostats, and so forth. During 2016, the future became the ‘here and

French Ministry “Survey” Delivers Macro Backdoor

Thinking of moving to France? Soyez très prudent! That form you’re busy filling out may be uploading and downloading files, exfiltrating data, doing reconnaisance of your network — or worse. A criminal malware group behind a sophisticated Excel macro backdoor, which has been targeting Middle Eastern financial institutions since 2015,

New Phishing Wave Targets Online Banking and Digital Payment Customers

Cyren researchers are seeing a new phishing technique targeting online banking users from Wells Fargo, Chase and Capital One, along with digital payment customers from Paypal and Venmo, among others. This new wave of phishing attacks builds on previously known techniques. Phishing email attachments, for example, rely relying on email

New Cerber Ransomware-as-a-Service Causing Fresh Outbreaks

Cerber ransomware first appeared in February 2016, and according to initial reports (by SenseCy) it was offered in the form of Ransomware-as-a-Service (RaaS), where affiliates can join in order to distribute the ransomware, while the Cerber developers earn a commission from each ransom payment. Cyren is now detecting fresh outbreaks

Fake bank transfer emails stealing Bitcoin and passwords

Cyren has discovered an outbreak of malware which is stealing passwords as well as Bitcoin from crypto-currency wallets on PCs. This versatile keylogger malware is being delivered as an attachment to phony bank transfer emails, which inform the recipient that they have received a deposit. The emails are originating primarily

Email Security Survey: 75% of Companies Hacked in Past Year

A new survey conducted by Osterman Research and co-sponsored by Cyren shows that 75% of businesses surveyed incurred a security breach in the past 12 months. The top two culprits? Email phishing attacks infected systems at 37% of the companies, while 24% of respondents suffered successful ransomware attacks through file

The Rise of Botnets

The year 2016 was certainly notable for Locky and the rise of ransomware, but these last months our attention has been drawn to a fundamental element of the underlying criminal cyber infrastructure — botnets.  In July, major attacks using LizardStresser, a distributed denial-of-service (DDoS) botnet using IoT devices, were launched