Locky Ransomware continues to be distributed in large numbers, however, the email attachments have been changed, probably due to greater blocking of the JavaScript files that have been favored until now. The Locky attack begins with an email attachment that downloads the actual Locky ransomware. Last week, the Downloader component

In the past week we have seen a resurgence of Locky malware emails. Some examples of the attachment filenames (there are many variations): DETAILS_%username%_291866.ZIP->extracted file: unpaid-166.js  %username%_ADDITION_744341.ZIP-> extracted file:addition-0106.js %username%_INVOICE_337060.ZIP-> extracted file:unpaid-643.js SERVICES_%username%_793350.ZIP-> extracted file:addition-3247.js %username%_SCANNED_869621.ZIP-> extracted file:unpaid-6981.js %username%_UNPAID_116521.ZIP-> extracted file:unpaid-8255.js legend: %username% = local part of the email address

Apple’s “find my iPhone” is one of the most useful reasons to be connected to iCloud. If your iPhone is lost you can leave a message onscreen for the finder to contact you.  Since the introduction of iOS7, the activation of “find my iPhone” also prevents erasing/resetting of the phone

There has been much speculation in the Internet Security industry about the status of Locky – the ransomware heavyweight of February-May 2016 which suddenly ceased distribution at the start of June. As we previously reported Locky was distributed in vast email outbreaks, many times exceeding 10 billion emails/day and often

Viral pandemics are certainly cause for a hospital to declare a “state of emergency.” But in the case of Methodist Hospital in Kentucky, the virus that caused the “internal state of emergency” didn’t relate to hundreds of patient-filled stretchers… In this instance, Locky had infected the hospital’s entire computer system,

As we have pointed out several times, cybercrime is a business, and running a malware or phishing campaign does require some financial investment by the bad actors. Rental of botnets, purchase of exploit kits, and acquisition of compromised site lists are all expenses that need to be covered by the

Over the last few years, we’ve repeatedly reported on the fact that cybercriminals are stealthy, smart, and sophisticated. They’re building global organized cybercrime syndicates and, with one simple piece of malware, can generate millions of dollars in just a few days. Like any aggressive business, they’re capable of altering their

Locky Ransomware in 2016  Ransomware has surged dramatically this year with the launch of a new variant called “Locky.” Delivered via massive malicious spam blasts (malspam), Locky represented 40% of all malware distributed worldwide during the first quarter of 2016. And as these attacks have become more sophisticated, attackers are

As CYREN’s GlobalView security cloud churns through billions of pieces of information every day, our researchers are busy examining how certain threats work in order to make the whole automated system continuously smarter. Certain threats we find represent marked “advances” in intrusion techniques. A deep dive on the mechanics of

New and old malware are showing increasing sophistication With as many as one million new malware threats being released each day, it comes as no surprise that many of these viruses are advanced and targeted. CYREN examined the various malware threats that appeared during 2015 and discovered some interesting trends,