Search
Close this search box.

Blog

Insights on Data Security & Threat Intelligence

Weaponized by SandWorm

Last week it was announced that a Russian cyber-espionage group called “SandWorm” (named because their code includes references from Frank Herbert’s Dune series) had launched a targeted attack campaign, against NATO, the European Union, Ukrainian government organizations, a United States academic organization, European telecommunication firms and Polish energy sector companies.

Read More >

Malicious use of freely available password recovery tools

I recently came across a piece of malware that is being distributed as an email attachment, posing as a PDF document with a fake file name and icon. It seems like a usual executable malware or botnet client being spammed that does its thing when executed, but after looking into

Read More >

Web Security in Asia Pacific

A recent World Economic Forum report notes that major technology trends, including massive analytics, cloud computing, and big data, could create between $9.6 trillion and $21.6 trillion (US dollars) in value for the global economy. However, delays in adopting cybersecurity capabilities could result in a $3 trillion loss in economic

Read More >

Home Depot Breach Results in First Phishing Scam

It didn’t take long for scammers to catch a ride on the Home-Depot-data-breach wave. Last week, CYREN caught and blocked emails claiming to be from American Express, containing the “subject header” “American Express – Security concern on Data breach at Home Depot.”  The email takes an insidiously effective approach, reminding

Read More >

ShellShock’s Payload Leads to Malware

Shellshock exploded on the scene last week, making headlines in major newspapers and security blogs. Shellshock is a security hole in the Unix/Linux “Bash” Shell. Bash is a command processor that typically runs in a text window, allowing the user to type commands which cause actions. For the non-Linux/UNIX users

Read More >

A Little Phishing Story

You receive an email (purportedly from Amazon.de) informing you that to protect your identity they would like to give you a new Amazon email address. Amazon.de assures you that their system is fraud-proof, as they use advanced filtering techniques to prevent unwanted emails. Further, they remind you that if you

Read More >

Bloggers Beware: Vulnerabilities in WordPress

Increasingly cybercriminals are looking for any avenue possible to conduct an attack, and vulnerabilities in WordPress offer that path or “threat vector” to hackers wishing to gain access to a computer or network in order to deliver malicious content. CYREN discovered several compromised WordPress sites, including this one, for a

Read More >

Finding Dunihi By Houdini

*Updated on October/24/2014 Last weekend, I found Dunihi on the laptop of my brother in-law who works in a construction corporation. Dunihi is a RAT (Remote Access Tool) written in VBS (Visual Basic Script) that provides backdoor access to the infected system. We detect this as VBS/Dunihi. It may have

Read More >

Online privacy: It’s time for a new security paradigm – FCW

I am very pleased Mr. Hyde agreed to join to my growing Board of Advisors.  His decades of experience in the defense and intelligence community, plus his interest in cyber, access control and technical innovation make him a perfect fit.  M Excerpt below is from the article available at: http://fcw.com/Articles/2014/09/23/Online-privacy-new-security-paradigm.aspx (Abridged) Internet use

Read More >