Cyren Security Blog

Subscribe to this Blog

Email spoofing BEC attack targeting numerous employees at once

by Daria Aleksandrova

Security Research & Analysis

Spear-phishing spoofed attacks have been and remain one of the most substantial cyber threats that organizations face nowadays.

Phishers abusing Google App Engine

by Magni Reynir Sigurðsson

Security Research & Analysis

Over the last few weeks Cyren has observed a massive spike in phishing sites hosted on appspot.com domain that Google uses for its Google App Engine. 

Microsoft reports a “leap in attack sophistication”

by Cyren Security Blog

Security Research & Analysis

Last month Microsoft released a sobering Digital Defense Report.

How Scammers Leverage Email Delivery Services like SendGrid and MailChimp in Phishing Attacks

by Daria Aleksandrova

Lately, among the myriad phishing attacks we observe and detect via Cyren Inbox Security...

Anatomy of a Phishing Attack: Stolen Microsoft 365 Credentials

by Daria Aleksandrova

Phishing attacks designed to steal Microsoft 365 credentials are launched every day and growing more sophisticated. We recently detected a massive attack that hid a fake Microsoft 365 login page in the incoming emails’ attachments.

PEMPEMPEM - Hiding Behind Fake Certificates!

by Maharlito Aquino and Kervin Alintanahin

Over the years, enterprise security teams and threat actors have been involved in a never-ending game of cat and mouse. Organizations pour millions of dollars to stop advanced threats, but threat actors continue finding ways to evade detection by either enhancing their code or simply repackaging malware in more ways than one. This blog discusses the use of multiple components, including the use of legitimate software and encryption to deliver malware in a new manner.