Category: cyren

Infosec Island: When Is Apple.com Not Apple.com?

To get up to speed on the latest technique used by phishing site operators to present legitimate-but-fake (!) web sites, check out Cyren security researcher Magni Sigurdsson’s column in Infosec Island, which details how cybercriminals are exploiting a browser capability for representing non-Latin characters to make users think they really

Is Monday the Worst Day of the Week…for Security?

The IT manager responsible for information security at an enterprise account — let’s call him “Steve” — recently shared an interesting story. In general, he felt that they handle security pretty well, but he detailed one challenge that they haven’t yet been able to solve — users roaming outside the

It’s Baaack! Dridex Targets UK With a New Set of Guns

In the midst of the recent revival of Dridex, the notorious family of banking trojans, a Dridex attack scheme targeted at stealing UK users online banking credentials was detected this week (and is being blocked) by Cyren’s security cloud. This new attack is initiated by an email PDF attachment claiming

Point, Click and Hack — Phishers Try Wix

Wix allows anyone to create a free website with simple point, click and drag formatting. Of course, “anyone” can include phishers and malware distributors, and we at the Cyren Security Lab discovered earlier this week just such abuse of a Wix page targeted at Office 365 users, the subject of

Students Targeted by Test Prep SEO Attack

College entrance exams are anxiety inducing for many students, now made all the more stressful by the discovery by Cyren researchers of malware targeting students seeking an exam reviewer or test preparation service. A recent search for “college entrance exam reviewer pdf” led to an SEO (search engine optimization) attack

Cyren Unified Internet Security Goes Live

Following on the heels of our February announcement, we are pleased to share here that Cyren’s SaaS Internet security platform upgrade, Cyren Cloud Security 4.0, went live on March 26. Integrated Web and Email Security This release deepens the integration of our cloud-based enterprise security offerings — web security, email

Companion Ransomware — 2-for-1 Malware Distribution

As reported in February, Cerber and other ransomware groups are now offering Ransomware-as-a-Service, giving affiliates/partners a percentage of the collected ransom. In a new sort of “two-for-one” malware service deal, Cyren has detected variants of the Kovter click-fraud malware being distributed with “companion” Cerber ransomware by the Kovter malware team.

IT Security Survey in the UK – 75% Hacked in Past Year

Cyren teamed with Osterman Research to do extensive interviews of IT and security professionals at over 100 small and mid-sized enterprises (SME) in the United Kingdom last month, and the resulting report, IT Security in the UK: 2017 Business Survey, is now available for free download. A summary overview of

Global Copycats iPhishing Lost iPhones

In a post last month, Brian Krebs related the case of an iPhone user in Brazil who, in attempting to recover their phone, suffered a rather insidious phishing attempt. We also had received an almost identical firsthand account — from someone in Israel. A modest web search immediately turns up

Krebs Exposed IoT Botnet Mastermind — Think That’s the End?

For several years, cybersecurity professionals have been predicting an impending malware onslaught originating from Internet of Things (IoT) devices—“smart” everyday household items that can connect to the Internet, such as refrigerators, WiFi routers, DVRs, baby monitors, security cameras, thermostats, and so forth. During 2016, the future became the ‘here and