This article has been indexed from CYREN Blog RSS Feed For more than a year, many employees have been working remotely and may never return to the companies’ offices. Read the original article: New detection category for eXpurgate customers
Category: CYREN Blog RSS Feed
Phishing by the numbers – July 2021
This article has been indexed from CYREN Blog RSS Feed The Cyren Incident and Response research team continuously collects phishing data and identifies the most effective phishing attacks using Cyren Inbox Security (CIS) Read the original article: Phishing by the…
Safe Links in Office 365
This article has been indexed from CYREN Blog RSS Feed Safe Links is a feature of Microsoft Defender for Office 365 (formerly known as Advanced Threat Protection) Read the original article: Safe Links in Office 365
Alert: Fraudsters Stealing Bank Account Details via Fake Facebook Pages
This article has been indexed from CYREN Blog RSS Feed I recently received an SMS notification from my bank about possible fraudulent activity on my credit card account. Read the original article: Alert: Fraudsters Stealing Bank Account Details via Fake…
What is Business Email Compromise (BEC)?
This article has been indexed from CYREN Blog RSS Feed Business Email Compromise (BEC)—also known as email account compromise (EAC)—is a type of phishing attack intended to scam organizations out of money through the impersonation of executives. Read the original…
2021 Phishing & BEC Attacks
This article has been indexed from CYREN Blog RSS Feed I’ve been very busy this summer, which is why I’m just now reading the 2021 Verizon Data Breach Investigations Report. Here are a few takeaways from the section about the…
2021 Phishing & BEC Attacks
This article has been indexed from CYREN Blog RSS Feed I’ve been very busy this summer, which is why I’m just now reading the 2021 Verizon Data Breach Investigations Report. Here are a few takeaways from the section about the…
Axie Infinity Player Wallets Targeted by Poisoned Google Ads Content
This article has been indexed from CYREN Blog RSS Feed The top NFT Ethereum-based game Axie infinity lets its users earn SLP (Smooth Love Potion). This potion can be traded as a crypto currency and has recently reached its all-time…
How Phishers Abuse Hypertext Transfer Protocol Secure (HTTPS) Protocol
This article has been indexed from CYREN Blog RSS Feed What is the first thing that comes to mind when we see sites using HTTPS protocol? Subconsciously we tend to trust these sites presuming that all that we see and/or…
Phishing on Adobe Spark
This article has been indexed from CYREN Blog RSS Feed Threat actors are always on the lookout for inconspicuous ways to execute malicious attacks. One such tactic that has become common is the use of legitimate services as part of…
Phishing on Adobe Spark
This article has been indexed from CYREN Blog RSS Feed Threat actors are always on the lookout for inconspicuous ways to execute malicious attacks. One such tactic that has become common is the use of legitimate services as part of…
Ransomware Attacks Are Here to Stay
This article has been indexed from CYREN Blog RSS Feed Following the highly publicized (and successful) $4M+ ransom of Colonial Pipeline, attacks like these will only get more popular. Read the original article: Ransomware Attacks Are Here to Stay
SolarMarker Backdoor Pretends to be Legit PDFescape Installer
This article has been indexed from CYREN Blog RSS Feed The modified installer of legit “PDFescape Desktop Installer” app looks like this: Read the original article: SolarMarker Backdoor Pretends to be Legit PDFescape Installer
SolarMarker Backdoor Pretends to be Legit PDFescape Installer
This article has been indexed from CYREN Blog RSS Feed The modified installer of legit “PDFescape Desktop Installer” app looks like this: Read the original article: SolarMarker Backdoor Pretends to be Legit PDFescape Installer
Dissecting a UnionBank Phishing Campaign
This article has been indexed from CYREN Blog RSS Feed We have been seeing email notifications about login attempts to UnionBank online accounts, prompting users to reset their password if they found the login attempts were suspicious. Read the original…
Dissecting a UnionBank Phishing Campaign
We have been seeing email notifications about login attempts to UnionBank online accounts, prompting users to reset their password if they found the login attempts were suspicious. Read the original article: Dissecting a UnionBank Phishing Campaign
A Dridex Phishing Campaign
Read the original article: A Dridex Phishing Campaign Phishing remains one of the most popular types of corporate attacks in terms of its prevalence, and therefore it is not surprising that attackers are coming up with increasingly sophisticated methods to…
Phishing campaign masquerading Excel template in the html attachment
Read the original article: Phishing campaign masquerading Excel template in the html attachment Phishing remains one of the most popular types of corporate attacks in terms of its prevalence, and therefore it is not surprising that attackers are coming up…
Loose SPF, DKIM, DMARC, and ARC Settings Sabotage Security
Read the original article: Loose SPF, DKIM, DMARC, and ARC Settings Sabotage Security It’s safe to say that all of our Cyren Inbox Security customers use the native Office 365 security capabilities of Exchange Online Protection and Advanced Threat Protection…
Loose SPF, DKIM, DMARC, and ARC Settings Sabotage Security
Read the original article: Loose SPF, DKIM, DMARC, and ARC Settings Sabotage Security It’s safe to say that all of our Cyren Inbox Security customers use the native Office 365 security capabilities of Exchange Online Protection and Advanced Threat Protection…
“Are you satisfied?” Cyren sees increasing use of forms in account takeover attacks
Read the original article: “Are you satisfied?” Cyren sees increasing use of forms in account takeover attacks Every internet user participates in surveys every day: “Do you like our service?” “Are you satisfied with the order?” “Please, fill the form…
Short-lived Attacks with Excel4 Macro (XLM) Malware
Read the original article: Short-lived Attacks with Excel4 Macro (XLM) Malware Over the past 30 days, we have seen a surge of Excel4 Macro (XLM) malware in our feeds, and on the 25th of January, there were quite a few…
Phishing through the prism of graphic design
Read the original article: Phishing through the prism of graphic design What do bright and catchy presentations, laconic documents, and perfect CVs have in common? Become a supporter of IT Security News and help us remove the ads. Read…
Phishing through the prism of graphic design
Read the original article: Phishing through the prism of graphic design What do bright and catchy presentations, laconic documents, and perfect CVs have in common? Become a supporter of IT Security News and help us remove the ads. Read…
Anatomy of an Attack: Password-Protected Files Attached to Emails
Read the original article: Anatomy of an Attack: Password-Protected Files Attached to Emails Microsoft 365 is pervasive and profoundly vulnerable. Become a supporter of IT Security News and help us remove the ads. Read the original article: Anatomy of…
Anatomy of an Attack: Evasive Zoom phishing campaign using multiple phishing techniques at once
Read the original article: Anatomy of an Attack: Evasive Zoom phishing campaign using multiple phishing techniques at once On Thursday, November 26, at 09:51 UTC, an immense phishing campaign started targeting more… Become a supporter of IT Security News…
Anatomy of an Attack: Evasive Zoom phishing campaign using multiple phishing techniques at once
Read the original article: Anatomy of an Attack: Evasive Zoom phishing campaign using multiple phishing techniques at once On Thursday, November 26, at 09:51 UTC, an immense phishing campaign started targeting more… Become a supporter of IT Security News…
Phishing hosted on high Alexa domains: another dangerous trick in Web
Read the original article: Phishing hosted on high Alexa domains: another dangerous trick in Web How much do you trust such services as Google, Windows, Dropbox? And what about the open access libraries? One more important question is… Become…
Security Awareness Training Won’t Give CISOs or Employees Peace of Mind
Read the original article: Security Awareness Training Won’t Give CISOs or Employees Peace of Mind I attended a virtual roundtable discussion with CISOs this week. The session opened with a somber question: what keeps you up at night? Become…
How Scammers Leverage Email Delivery Services like SendGrid and MailChimp in Phishing Attacks
Read the original article: How Scammers Leverage Email Delivery Services like SendGrid and MailChimp in Phishing Attacks Lately, among the myriad phishing attacks we observe and detect via Cyren Inbox Security… Advertise on IT Security News. Read the original…
Anatomy of a Phishing Attack: Stolen Microsoft 365 Credentials
Read the original article: Anatomy of a Phishing Attack: Stolen Microsoft 365 Credentials Phishing attacks designed to steal Microsoft 365 credentials are launched every day and growing more sophisticated. We recently detected a massive attack that hid a fake Microsoft…
PEMPEMPEM – Hiding Behind Fake Certificates!
Read the original article: PEMPEMPEM – Hiding Behind Fake Certificates! Over the years, enterprise security teams and threat actors have been involved in a never-ending game of cat and mouse. Organizations pour millions of dollars to stop advanced threats, but…
PEMPEMPEM – Hiding Behind Fake Certificates!
Read the original article: PEMPEMPEM – Hiding Behind Fake Certificates! Over the years, enterprise security teams and threat actors have been involved in a never-ending game of cat and mouse. Organizations pour millions of dollars to stop advanced threats, but…
Spear Phishing, Whaling, and Delayed Detonation, Oh My!
Read the original article: Spear Phishing, Whaling, and Delayed Detonation, Oh My! Companies worldwide are up against sophisticated email attacks like Business Email Compromises (BEC). These attacks are also known as spear phishing, impersonation, and whaling, with the goal of…
Microsoft Finally Acknowledges COVID-19-Related Cybercrimes
Read the original article: Microsoft Finally Acknowledges COVID-19-Related Cybercrimes On July 7, Microsoft revealed they’ve been working since December 2019 to wrest control of key domains used in vast cyber attacks in 62 countries. Advertise on IT Security News.…
Secure Email Gateways Cost $3B Last Year – Phishing Attacks Are Still Evading Them
Read the original article: Secure Email Gateways Cost $3B Last Year – Phishing Attacks Are Still Evading Them Despite investing a record $3B in Secure Email Gateways (SEGs) in 2019, US companies still lost $1.7B to phishing. Here’s how attackers…
Canadian Phish Kits Reactivated as Tax-filing Deadlines are Moved
Read the original article: Canadian Phish Kits Reactivated as Tax-filing Deadlines are Moved The economic pain being caused by the COVID-19 pandemic is taking a big toll on a global scale and governments are not exempted by this crisis. Many…
Canadian Phish Kits Reactivated as Tax-filing Deadlines are Moved
Read the original article: Canadian Phish Kits Reactivated as Tax-filing Deadlines are Moved The economic pain being caused by the COVID-19 pandemic is taking a big toll on a global scale and governments are not exempted by this crisis. Many…
File-less (almost) and Confused
Read the original article: File-less (almost) and Confused Amidst the crisis the world is going through because of the Covid-19 pandemic, malicious actors continue to take advantage of the situation to lure unsuspecting online consumers into installing malware into their…
VelvetSweatshop Revival with Excel4 Macro Malware Delivers Gozi/Ursnif Amidst Covid-19 Chaos
Read the original article: VelvetSweatshop Revival with Excel4 Macro Malware Delivers Gozi/Ursnif Amidst Covid-19 Chaos In the past month, we have been seeing a surge in Excel malware using Excel4 Macros (XLM) in hidden worksheets. Just a few weeks ago,…
Covid AgentTesla
Read the original article: Covid AgentTesla With the world under threat of the COVID-19 aka corona virus, many cybercriminals are taking this opportunity to blend in the chaos. Here we have an email posing to have an order of masks.…
Protect From Evasive Phishing with Email Security Defense-in-Depth
Email security is broken. Companies are attempting to defend against today’s sophisticated attacks using technology developed to block spam and malware. In the late 1990s, spam had become a serious problem and propagation of malware by email started to increase.…
Protect From Evasive Phishing with Email Security Defense-in-Depth
Email security is broken. Companies are attempting to defend against today’s sophisticated attacks using technology developed to block spam and malware. In the late 1990s, spam had become a serious problem and propagation of malware by email started to increase.…
Emotet Still Evolving—New Variants Detected
Emotet malware campaigns continue to evolve, below we share a breakdown of samples of two new malicious downloader variants that appeared toward the end of January, as can be seen in this chart of the samples detected by Cyren per…
Excel Macro Campaign Targets European and US Banks
We recently received reports of a new email campaign utilizing Excel Workbook attachments that contain a malicious macro targeting recipients in the banking industry. We decided to quickly provide some payload analysis of the attachment’s behavior and share Indicators of…