I can’t remember the last time I read the news where I didn’t see a headline that involved a business becoming a victim of cybercrime due to phishing. Both big and small organizations are targets, with CEOs falling victim to “whaling” (phishing targeted at executive staff) as often as regular

CYREN teamed with Osterman Research to ask questions of IT and security professionals at over 300 small and medium-sized businesses during June, and the resulting report is available for download here, and discussed in last week’s webinar available here. There are a lot of surveys and reports and white papers

A new wave of Locky malware emails have been making the rounds since yesterday — July 20, 2016 — with a critical new development, whereby the Windows executable is now embedded in JavaScript. Essentially, the attached JavaScript file has evolved from being a downloader component into becoming the actual ransomware.

Locky Ransomware continues to be distributed in large numbers, however, the email attachments have been changed, probably due to greater blocking of the JavaScript files that have been favored until now. The Locky attack begins with an email attachment that downloads the actual Locky ransomware. Last week, the Downloader component

In the past week we have seen a resurgence of Locky malware emails. Some examples of the attachment filenames (there are many variations): DETAILS_%username%_291866.ZIP->extracted file: unpaid-166.js  %username%_ADDITION_744341.ZIP-> extracted file:addition-0106.js %username%_INVOICE_337060.ZIP-> extracted file:unpaid-643.js SERVICES_%username%_793350.ZIP-> extracted file:addition-3247.js %username%_SCANNED_869621.ZIP-> extracted file:unpaid-6981.js %username%_UNPAID_116521.ZIP-> extracted file:unpaid-8255.js legend: %username% = local part of the email address

Apple’s “find my iPhone” is one of the most useful reasons to be connected to iCloud. If your iPhone is lost you can leave a message onscreen for the finder to contact you.  Since the introduction of iOS7, the activation of “find my iPhone” also prevents erasing/resetting of the phone

There has been much speculation in the Internet Security industry about the status of Locky – the ransomware heavyweight of February-May 2016 which suddenly ceased distribution at the start of June. As we previously reported Locky was distributed in vast email outbreaks, many times exceeding 10 billion emails/day and often

Viral pandemics are certainly cause for a hospital to declare a “state of emergency.” But in the case of Methodist Hospital in Kentucky, the virus that caused the “internal state of emergency” didn’t relate to hundreds of patient-filled stretchers… In this instance, Locky had infected the hospital’s entire computer system,

As we have pointed out several times, cybercrime is a business, and running a malware or phishing campaign does require some financial investment by the bad actors. Rental of botnets, purchase of exploit kits, and acquisition of compromised site lists are all expenses that need to be covered by the

Over the last few years, we’ve repeatedly reported on the fact that cybercriminals are stealthy, smart, and sophisticated. They’re building global organized cybercrime syndicates and, with one simple piece of malware, can generate millions of dollars in just a few days. Like any aggressive business, they’re capable of altering their