Category: cyren

Why your email isn’t as secure as you think it is

Recent headlines are chock-full of reports of email phishing attacks by cybercriminals who outwit employees to obtain sensitive personal data and financial information. Under the guise of recognized web payment and productivity tool requests, hackers lure potential victims into clicking on fake email links that are designed to steal credentials

HTTPS is now over 50% of internet traffic – are we safer?

The era of “HTTPS Everywhere” After years of calling for “HTTPS Everywhere” on the web and encouraging websites to use HTTPS by default, Google officials say the effort has begun to pay off. New data released at the end of October 2016 shows that more than 50% of all pages

(IN)Secure Magazine: Hyper-Evasive Threats are Killing Sandboxing

A new generation of hyper-evasive malware is defeating legacy sandboxing technology and driving new security countermeasures underpinned by the elastic processing capacity of the cloud, as Cyren’s VP of Threat Research explains in an article in the September issue of (IN)SECURE Magazine.  In the article, Sigurdur Stefnisson reviews the evolution

Windows Media Player DRM Used for Malware (Again..)

Movie and TV watchers who download pirated content have long been warned of the potential for malware that might accompany their chosen media. Now use is again being made of Digital Rights Management (DRM) functionality — designed to prevent piracy — to distribute malware. The new attack, brought to Cyren’s

Locky Adds New File Format and Attacks UK

Cyren caught a new Locky email spam campaign today which uses a new tactic, delivering the Locky downloader script component as an HTML application, specifically HTA files. The emails are disguised as voice message notifications sent by Peach Telecom, which suggests that the campaign is targeting users in the UK. 

Locky Morphs Again: Now Delivered as DLL

We are now seeing a new wave of Locky, which has yet again updated its delivery mechanism by adding another layer of obfuscation to its downloader script, which Cyren detects as JS/Locky.AT!Eldorado. We previously reported our detection of key changes in Locky’s methods on June 27 (new sandbox evasion techniques),

New Cyberthreat Report: A Deep Dive on Phishing

I can’t remember the last time I read the news where I didn’t see a headline that involved a business becoming a victim of cybercrime due to phishing. Both big and small organizations are targets, with CEOs falling victim to “whaling” (phishing targeted at executive staff) as often as regular

CYREN Survey Benchmarks Security at SMBs — 71% Hacked in the Past Year!

CYREN teamed with Osterman Research to ask questions of IT and security professionals at over 300 small and medium-sized businesses during June, and the resulting report is available for download here, and discussed in last week’s webinar available here. There are a lot of surveys and reports and white papers

Locky Ransomware Now Embedded in Javascript

A new wave of Locky malware emails have been making the rounds since yesterday — July 20, 2016 — with a critical new development, whereby the Windows executable is now embedded in JavaScript. Essentially, the attached JavaScript file has evolved from being a downloader component into becoming the actual ransomware.

Locky Distributors Switch to Word Macro and then WSF Files

Locky Ransomware continues to be distributed in large numbers, however, the email attachments have been changed, probably due to greater blocking of the JavaScript files that have been favored until now. The Locky attack begins with an email attachment that downloads the actual Locky ransomware. Last week, the Downloader component