Cyber Security Awareness Month October was Cybersecurity Awareness Month. Out of curiosity, I looked online to see what sort of information was available on the topic. I wasn’t surprised by the results; there were thousands of links, including newspaper articles, infographics, and general awareness notices, with sources that included the

Earlier this year we witnessed several enterprises being targeted by Bartallex in spam emails. Bartallex uses Microsoft Word documents and social engineering techniques to trick enterprise users into opening and executing the embedded macro code in the document. When enabled, the macro code downloads and executes banking malware Dridex, a

Summer is finally over and it’s time for employers to refocus and take advantage of the remaining budget for the year to get new recruits in before the holiday season starts. Essentially, fall season is the time when people like fresh college graduates come into the market looking for new

As users become more aware of phishing and data theft, they become more cautious. Unfortunately as users become more cautious, attackers must become more devious. In a recent discovery, we found a phishing website that had been issued a valid SSL Certificate. SSL Certificates are small data files that activate

While high-profile data breaches may have declined in frequency during the quarter, they most definitely rose in impact. The fallout from the US Government Office of Personnel Management (OPM) data breaches continues to be felt, the latest example of which being that GSA has placed contracts for post-breach protection for

In 2014, the phishing URLs tracked by CYREN increased dramatically, rising 233% from the previous year. Why did this number increase? One reason is the potential for monetary gain. Cyber criminals use phishing attacks to steal personally sensitive and identifiable information from users. Sometimes this is to gain access to

In the past few months, we have noticed a rise in spam emails that have an attachment of “.DOC” extension filename but actually is a “.MHT” file. This trending trick seems to be a new way to spread macro malware. A file with “.MHT” extension is a Web page archive

In late March Slack confirmed they had suffered a security breach where “there was unauthorized access to a Slack database storing user profile information”. Slack is a recently launched team collaboration tool that offers organizations a way to simplify communications, file-sharing, project management and more. Organizations sign up their employees

It is in my routine to read emails before starting my daily work while enjoying my cup of coffee. While browsing for important emails I need to separate spam emails from legitimate emails and analyze the spam emails. I was trying to sort out the spam emails when I came