A researcher at Cyren has found that a malicious Google Chrome extension is spreading nude celebrity PDFs to Facebook groups. A user is uploading a PDF document to groups with the name: ”Jessice_Alba_Leaked-sextapeVide_oSun_Dec_4_2016_22_99.mp4.pdf“ Opening the PDF reveals a nude picture with a ”Play“ button in the middle. Clicking on the

Recent headlines are chock-full of reports of email phishing attacks by cybercriminals who outwit employees to obtain sensitive personal data and financial information. Under the guise of recognized web payment and productivity tool requests, hackers lure potential victims into clicking on fake email links that are designed to steal credentials

The era of “HTTPS Everywhere” After years of calling for “HTTPS Everywhere” on the web and encouraging websites to use HTTPS by default, Google officials say the effort has begun to pay off. New data released at the end of October 2016 shows that more than 50% of all pages

A new generation of hyper-evasive malware is defeating legacy sandboxing technology and driving new security countermeasures underpinned by the elastic processing capacity of the cloud, as Cyren’s VP of Threat Research explains in an article in the September issue of (IN)SECURE Magazine.  In the article, Sigurdur Stefnisson reviews the evolution

Movie and TV watchers who download pirated content have long been warned of the potential for malware that might accompany their chosen media. Now use is again being made of Digital Rights Management (DRM) functionality — designed to prevent piracy — to distribute malware. The new attack, brought to Cyren’s

Cyren caught a new Locky email spam campaign today which uses a new tactic, delivering the Locky downloader script component as an HTML application, specifically HTA files. The emails are disguised as voice message notifications sent by Peach Telecom, which suggests that the campaign is targeting users in the UK. 

We are now seeing a new wave of Locky, which has yet again updated its delivery mechanism by adding another layer of obfuscation to its downloader script, which Cyren detects as JS/Locky.AT!Eldorado. We previously reported our detection of key changes in Locky’s methods on June 27 (new sandbox evasion techniques),

I can’t remember the last time I read the news where I didn’t see a headline that involved a business becoming a victim of cybercrime due to phishing. Both big and small organizations are targets, with CEOs falling victim to “whaling” (phishing targeted at executive staff) as often as regular

CYREN teamed with Osterman Research to ask questions of IT and security professionals at over 300 small and medium-sized businesses during June, and the resulting report is available for download here, and discussed in last week’s webinar available here. There are a lot of surveys and reports and white papers

A new wave of Locky malware emails have been making the rounds since yesterday — July 20, 2016 — with a critical new development, whereby the Windows executable is now embedded in JavaScript. Essentially, the attached JavaScript file has evolved from being a downloader component into becoming the actual ransomware.