Category: Blog

Locky 2? Jaff Ransomware Launched from Necurs Botnet

Despite WannaCrypt grabbing all the headlines, it is far from being the only ransomware in circulation. A second wave of Jaff ransomware is now being distributed by the stealthy Necurs botnet. Starting on Monday, May 8 (around 9:30 UTC), the Necurs botnet was harnessed to distribute a new Locky-style email

WannaCrypt Ransomware Spreads Like A Worm Via NSA Exploit

UPDATE (May 14): WannaCrypt/WannaCry is still being delivered through file sharing services over https at hxxps://transfer.sh and hxxps://down.xn--wda.fr/  __________________ The WannaCrypt ransomware (aka WannaCryptor, Wcrypt, and WannaCry) has managed to infect thousands of systems within just a few hours of its first appearance yesterday, with estimates on the order of

The ABCs of GDPR

The ABCs of GDPR Acronyms and abbreviations used to be relegated to those in the military and government: MDA (Missile Defense Agency), USPS (United States Postal Service), RAF (Royal Air Force). But the proliferation of social media sites like Twitter and Snapchat has moved acronyms into the mainstream: IMHO, YOYO,

Google Docs Phishing Attack Worms Its Way In

Repeatedly referred to in the press as “massive,” the Google Docs attack which has been the talk of the security blogosphere and even mainstream media this past week appears to have sent invitation emails to an estimated “less than 0.1%” of Gmail users, according to Google’s own statement, which is

Infosec Island: When Is Apple.com Not Apple.com?

To get up to speed on the latest technique used by phishing site operators to present legitimate-but-fake (!) web sites, check out Cyren security researcher Magni Sigurdsson’s column in Infosec Island, which details how cybercriminals are exploiting a browser capability for representing non-Latin characters to make users think they really

Is Monday the Worst Day of the Week…for Security?

The IT manager responsible for information security at an enterprise account — let’s call him “Steve” — recently shared an interesting story. In general, he felt that they handle security pretty well, but he detailed one challenge that they haven’t yet been able to solve — users roaming outside the

CLASSIDOCS.COM ANNOUNCES AI FOR DATA CLASSIFICATION

ClassiDocs is making generally available an industry-first Artificial Intelligence for Data Classification – adding to its significant technology and market differentiators for structured and unstructured data sets. “Our labs have been researching for some time different technologies to help organizations approach the ultimate in data classification – classifying all data

It’s Baaack! Dridex Targets UK With a New Set of Guns

In the midst of the recent revival of Dridex, the notorious family of banking trojans, a Dridex attack scheme targeted at stealing UK users online banking credentials was detected this week (and is being blocked) by Cyren’s security cloud. This new attack is initiated by an email PDF attachment claiming

Point, Click and Hack — Phishers Try Wix

Wix allows anyone to create a free website with simple point, click and drag formatting. Of course, “anyone” can include phishers and malware distributors, and we at the Cyren Security Lab discovered earlier this week just such abuse of a Wix page targeted at Office 365 users, the subject of

Students Targeted by Test Prep SEO Attack

College entrance exams are anxiety inducing for many students, now made all the more stressful by the discovery by Cyren researchers of malware targeting students seeking an exam reviewer or test preparation service. A recent search for “college entrance exam reviewer pdf” led to an SEO (search engine optimization) attack