The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.
By Mike Fleck Despite investments of time and money in secure email gateways, phishing threats continue to be delivered to the user's inbox. To close this gap in automated detection, many organizations roll out user security awareness...
Don’t Scan or be Scammed By Maharlito Aquino, Kervin Alintanahin and Dexter To In 1994, a type of the matrix barcode known as the Quick Response code, now widely known as QR code, was invented by Masahiro Hara from a Japanese company Denso Wave. The purpose of the...
The bad, worse and the horrible by Gunnar Gundmundsson Introduction We recently received a malicious Office document in DOCX format containing an embedded Visual Basic script designed to download a compressed .hta payload.Figure 1 Visual Basic script Inside the .hta...
Can analyzing message metadata help to protect organizations from becoming the victim of a successful BEC attack? Business Email Compromise (BEC) is an umbrella term spanning many forms of social engineering email attacks that typically share the common characteristic...
With no payload to detect, how best can organizations protect themselves from Business Email Compromise and other social engineering attacks? by John Stevenson Sometimes the simplest frauds are the most successful. Some years ago, local authorities in the UK were...
Office 365 Advanced Threat Protection (also known as ATP and Defender) can provide your organization with advanced security features - keeping you protected from cybersecurity threats. With today's cybersecurity landscape, where new threats appear daily, if not...
By Max Avory A couple of months ago we sat down with Damian Stalls, vCIO director at Fluid Networks to discuss how they dramatically reduced the time their security analysts spent managing the problem of phishing, BEC, and user education. Here were some of the...
By Mike Fleck Despite investments of time and money in secure email gateways, phishing threats continue to be delivered to the user's inbox. To close this gap in automated detection, many organizations roll out user security awareness programs to train their employees...
Ransomware is continually evolving. It has become the “most prominent malware threat”, with experts estimating that ransomware attacks in 2021 resulted in total damage costs of $20 billion. While there is no ransomware that specifically targets Office 365 data, it can...
by Dexter To and Maharlito Aquino Introduction Originally a banking Trojan that existed in the wild as early as 2007, Qakbot (or QBot) is a pioneer of malware as a service, which is continually maintained and developed to this day. While its main purpose is to steal...