by Maharlito Aquino Before we dive deeper into our main topic, let us first define Smishing. Smishing, a term that combines SMS and Phishing, is a form of phishing, which is delivered via Short Message Services (SMS) or better known as...
Cyren Security Blog
The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.
Featured Post
Latest Posts
Example Analysis of Multi-Component Malware
by Kervin Alintanahin Recently, we have received an increase in the number of malicious email samples with password-protected attachments. The recent waves of attacks with Emotet use a similar approach. In this blog we describe our analysis of another set of samples...
How the War in Ukraine Has Influenced the Scammers’ Underground
by Ira Chernous For the past three months, most media news headlines have been talking about a painful subject that leaves no one indifferent: the war. Since the start of the Russian invasion of Ukraine, the international community has been helping the victims by...
The Resurgence of Emotet
by Kervin Alintanahim Password Protected Docs One of the most recent Emotet samples we received were emails with password protected attachments. Although the malicious document needs an extra step to be accessed compared to just being attached as it is, the additional...
Malicious Excel Add-in Variant Delivers Malware
By Floser Bacurio Jr XLL is an Excel Add-in extension file that provides ways to use third-party tools and functions that are not available in Microsoft Excel. It is typically a Dynamic Link Library (DLL) file that can be loaded by Microsoft Excel provided the file...
What Are Office 365 Safe Attachments?
Office 365 Safe Attachments is a feature of Microsoft 365 Advanced Threat Protection (also known as Microsoft 365 Defender) that provides another layer of protection to incoming emails by scanning its attachments for malicious software. Phishing emails and attacks are...
What is a Zero-Day Phishing Attack? Identifying Vulnerabilities & More
"Zero-day" is a term that broadly describes a series of recently discovered cybersecurity vulnerabilities hackers utilize to attack systems. This term, "zero-day", often refers to the fact that the developers have just learned about the flaw. Hackers will exploit...
Smishing Campaign Hijacks Bank SMS Notifications
by Maharlito Aquino Before we dive deeper into our main topic, let us first define Smishing. Smishing, a term that combines SMS and Phishing, is a form of phishing, which is delivered via Short Message Services (SMS) or better known as text messages on the mobile...
Office 365 Phishing, BEC, & Ransomware Survey Highlights
by Max Avory Reading a complete report is not for everyone. If that includes you, here are the key takeaways from the 2022 Osterman report on Phishing, BEC, and Ransomware Threats for Microsoft 365 Customers. “Less than half the organizations ranked their currently...
IRS Scams 2022
By Dexter See To, Joy Celine Faltado, & Mike Fleck Tax scams are so prevalent that the United States Internal Revenue Service has published a very long FAQ page to warn people of the risks. As we approach the peak of the income tax season in the United States, we...