In a spam campaign that we have been seeing at the end of the year, malware actors were sending out Courier Delivery Notification themed e-mails to lure users into falling prey to the infamous CryptoWall ransomware.  These attached zip files in these e-mails contained malicious javascript files, which were lamely

You might remember CYREN’s previous Cyber-Grinch and Cyber-Scrooge blog article from 2014… Tis the time of the year when this article’s content becomes relevant again!  The Scams of Christmas Past, Present, and Future In 2015, the cyber-criminals, alias Cyber-Grinch and Cyber-Scrooge are active and creative in their goal of making

Year of the Breach 2014 was called by many the “year of the breach”. Throughout the Asia Pacific region , high-profile cases hit the headlines. In Jan 2014, the personal data of 20 million South Koreans — or 40% of the country’s population — was stolen, sparking outrage as worried

Android Malware “GhostPush” Already discovered packaged into 39 different Android apps, “GhostPush” (sometimes also called “Rootnik”) malware turns an infected device into a platform for the installation of adware, unwanted homescreen links, and further malware. Victims have found the malware to be deeply entrenched and difficult to remove.  Malicious Code

Chinese users – a very attractive target for phishing attacks Chinese people are increasingly getting online and adopting mobile services. 2014 was a pivotal year, with the massive adoption of mobile services by over 560 million users. It is anticipated that more than half of the entire population of China

Cyber Security Awareness Month October was Cybersecurity Awareness Month. Out of curiosity, I looked online to see what sort of information was available on the topic. I wasn’t surprised by the results; there were thousands of links, including newspaper articles, infographics, and general awareness notices, with sources that included the

Earlier this year we witnessed several enterprises being targeted by Bartallex in spam emails. Bartallex uses Microsoft Word documents and social engineering techniques to trick enterprise users into opening and executing the embedded macro code in the document. When enabled, the macro code downloads and executes banking malware Dridex, a

Summer is finally over and it’s time for employers to refocus and take advantage of the remaining budget for the year to get new recruits in before the holiday season starts. Essentially, fall season is the time when people like fresh college graduates come into the market looking for new

As users become more aware of phishing and data theft, they become more cautious. Unfortunately as users become more cautious, attackers must become more devious. In a recent discovery, we found a phishing website that had been issued a valid SSL Certificate. SSL Certificates are small data files that activate

While high-profile data breaches may have declined in frequency during the quarter, they most definitely rose in impact. The fallout from the US Government Office of Personnel Management (OPM) data breaches continues to be felt, the latest example of which being that GSA has placed contracts for post-breach protection for