Category: cyren

Home Depot Breach Results in First Phishing Scam

It didn’t take long for scammers to catch a ride on the Home-Depot-data-breach wave. Last week, CYREN caught and blocked emails claiming to be from American Express, containing the “subject header” “American Express – Security concern on Data breach at Home Depot.”  The email takes an insidiously effective approach, reminding

ShellShock’s Payload Leads to Malware

Shellshock exploded on the scene last week, making headlines in major newspapers and security blogs. Shellshock is a security hole in the Unix/Linux “Bash” Shell. Bash is a command processor that typically runs in a text window, allowing the user to type commands which cause actions. For the non-Linux/UNIX users

A Little Phishing Story

You receive an email (purportedly from Amazon.de) informing you that to protect your identity they would like to give you a new Amazon email address. Amazon.de assures you that their system is fraud-proof, as they use advanced filtering techniques to prevent unwanted emails. Further, they remind you that if you

Bloggers Beware: Vulnerabilities in WordPress

Increasingly cybercriminals are looking for any avenue possible to conduct an attack, and vulnerabilities in WordPress offer that path or “threat vector” to hackers wishing to gain access to a computer or network in order to deliver malicious content. CYREN discovered several compromised WordPress sites, including this one, for a

Finding Dunihi By Houdini

*Updated on October/24/2014 Last weekend, I found Dunihi on the laptop of my brother in-law who works in a construction corporation. Dunihi is a RAT (Remote Access Tool) written in VBS (Visual Basic Script) that provides backdoor access to the infected system. We detect this as VBS/Dunihi. It may have

How Did a Hacker Get Photos of So Many Celebrities in Their Birthday Suits?

This week’s big hacking news that the personal iCloud accounts of at least 100 celebrities were compromised and personally “revealing” images stolen off them, seems to have kept the news outlets buzzing for a while.  The question most people are asking (CYREN included) is “How did this happen?” A targeted

Phony Robin Williams Phone Video Posts on Facebook

There are times when you find the efforts of cybercriminals both amusing and annoying, and then there are times when your contempt for these villainous creeps really gets to you. The recent and tragic death of actor and comedian Robin Williams shocked the world. Most people strongly feel that the

Fake File Extensions & Document Icons – How Do You Recognize Them?

  What You See Isn’t Necessarily What You Get  A rise in malware distributed via fake document icons has been consistent over the past few years. While nothing new, unsuspecting victims regularly still get taken in by this form of cybercrime which primarily targets the Adobe Acrobat PDF, Microsoft Word

419 scam uses Ebola virus tragedy

Cybercriminals will stoop to any level it seems, even using the tragedy of the Ebola virus in West Africa to steal money. In the latest “419” rendition, scammers distribute an email claiming the recipient is the beneficiary of a large amount of money left in a bank account by a