Author: tetiana.vashchenko@data443.com

Windows Media Player DRM Used for Malware (Again..)

Movie and TV watchers who download pirated content have long been warned of the potential for malware that might accompany their chosen media. Now Digital Rights Management (DRM) functionality, designed to prevent piracy, is again being used to distribute malware. The new attack, brought to Cyren’s

Locky Adds New File Format and Attacks UK

Cyren caught a new Locky email spam campaign today which uses a new tactic, delivering the Locky downloader script component as an HTML application, specifically HTA files. The emails are disguised as voice message notifications sent by Peach Telecom, which suggests that the campaign is targeting users in the UK. 

Locky Morphs Again: Now Delivered as DLL

We are now seeing a new wave of Locky, which has yet again updated its delivery mechanism by adding another layer of obfuscation to its downloader script, which Cyren detects as JS/Locky.AT!Eldorado. We previously reported our detection of key changes in Locky’s methods on June 27 (new sandbox evasion techniques),

New Cyberthreat Report: A Deep Dive on Phishing

I can’t remember the last time I read the news where I didn’t see a headline that involved a business becoming a victim of cybercrime due to phishing. Both big and small organizations are targets, with CEOs falling victim to “whaling” (phishing targeted at executive staff) as often as regular

CYREN Survey Benchmarks Security at SMBs — 71% Hacked in the Past Year!

CYREN teamed with Osterman Research to ask questions of IT and security professionals at over 300 small and medium-sized businesses during June, and the resulting report is available for download here, and discussed in last week’s webinar available here. There are a lot of surveys and reports and white papers

Locky Ransomware Now Embedded in Javascript

A new wave of Locky malware emails has been making the rounds since yesterday — July 20, 2016 — with a critical new development, whereby the Windows executable is now embedded in JavaScript. Essentially, the attached JavaScript file has evolved from being a downloader component into becoming the actual ransomware.

Locky Distributors Switch to Word Macro and then WSF Files

Locky Ransomware continues to be distributed in large numbers; however, the email attachments have been changed, probably due to greater blocking of the JavaScript files that have been favored until now. The Locky attack begins with an email attachment that downloads the actual Locky ransomware. Last week, the Downloader component

Locky Developers Continue to Enhance Ransomware Delivery and Operation

In the past week we have seen a resurgence of Locky malware emails. Some examples of the attachment filenames (there are many variations):
DETAILS_%username%_291866.ZIP -> extracted file: unpaid-166.js
%username%_ADDITION_744341.ZIP -> extracted file: addition-0106.js
%username%_INVOICE_337060.ZIP -> extracted file: unpaid-643.js
SERVICES_%username%_793350.ZIP -> extracted file: addition-3247.js
%username%_SCANNED_869621.ZIP -> extracted file: unpaid-6981.js
%username%_UNPAID_116521.ZIP -> extracted file: unpaid-8255.js
Legend: %username% = local part of the email address

Need a Password for a Stolen iPhone?

Apple’s “find my iPhone” is one of the most useful reasons to be connected to iCloud. If your iPhone is lost you can leave a message onscreen for the finder to contact you. Since the introduction of iOS7, the activation of “find my iPhone” also prevents erasing/resetting of the phone

Locky Returns After 22 Day Break with Sandbox Evasion Techniques

There has been much speculation in the Internet Security industry about the status of Locky – the ransomware heavyweight of February-May 2016 which suddenly ceased distribution at the start of June. As we previously reported, Locky was distributed in vast email outbreaks, many times exceeding 10 billion emails/day and often