Dark side of high Alexa domains How much do you trust such services as Google, Windows, Dropbox? And what about the open access libraries? One more important question is, how much your employees use such services in their daily routine? According to the Cyren Inbox Security traffic statistic, vast amounts

I attended a virtual roundtable discussion with CISOs this week. The session opened with a somber question: what keeps you up at night? The overwhelming majority of CISOs said they’re afraid users will click on something they shouldn’t. And rightfully so – according to the 2019 Global Data Exposure Report,

Spear-phishing spoofed attacks have been and remain one of the most substantial cyber threats that organizations face nowadays. And once we talk about spear-phishing, we can’t help but mention business email compromise (BEC) attacks which if successful result in staggering losses for the companies: the FBI’s Internet Crime Complaint Center

Over the last few weeks Cyren has observed a massive spike in phishing sites hosted on the appspot.com domain that Google uses for its free Google App Engine. Taking advantage of soft routing on Google App Engine Google App Engine is a cloud-based development platform used to host and develop

Last month Microsoft released a sobering Digital Defense Report. From their perch powering 600,000 enterprises’ cloud inboxes (in the United States alone), they report: Malware attacks are decreasing. Instead 70% of attacks are through phishing emails, largely to harvest credentials. Attackers are laying long-term traps that scour the internet looking

  Lately, among the myriad phishing attacks we observe and detect via Cyren Inbox Security, attacks that are distributed via email delivery services (like SendGrid, MailChimp, and MailJet) are increasingly common. How Attackers Take Advantage of Email Delivery Platforms Email magnitude – Email delivery services don’t usually limit the total

Phishing attacks designed to steal Microsoft 365 credentials are launched every day and growing more sophisticated. We recently detected a massive attack that hid a fake Microsoft 365 login page in the incoming emails’ attachments. Related: Microsoft 365 Is Wildly Successful and Profoundly Vulnerable – Here’s Why The attack On

Over the years, enterprise security teams and threat actors have been involved in a never-ending game of cat and mouse. Organizations pour millions of dollars to stop advanced threats, but threat actors continue finding ways to evade detection by either enhancing their code or simply repackaging malware in more ways

On July 7, Microsoft revealed they’ve been working since December 2019 to wrest control of key domains used in vast cyber attacks in 62 countries. This particular phishing scheme used COVID-19-related lures to defraud Microsoft 365 customers. It’s one of many attacks we’ve seen. With tensions high and IT resources

Companies worldwide are up against sophisticated email attacks like Business Email Compromises (BEC). These attacks are also known as spear phishing, impersonation, and whaling, with the goal of convincing an end-user to release money or provide account information. Related: Microsoft 365 Is Wildly Successful and Profoundly Vulnerable – Here’s Why