The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.
By Max Avory A couple of months ago we sat down with Damian Stalls, vCIO director at Fluid Networks to discuss how they dramatically reduced the time their security analysts spent managing the problem of phishing, BEC, and user education....
Ransomware is continually evolving. It has become the “most prominent malware threat”, with experts estimating that ransomware attacks in 2021 resulted in total damage costs of $20 billion. While there is no ransomware that specifically targets Office 365 data, it can...
by Dexter To and Maharlito Aquino Introduction Originally a banking Trojan that existed in the wild as early as 2007, Qakbot (or QBot) is a pioneer of malware as a service, which is continually maintained and developed to this day. While its main purpose is to steal...
by Kervin Alintanahin Recently, we have received an increase in the number of malicious email samples with password-protected attachments. The recent waves of attacks with Emotet use a similar approach. In this blog we describe our analysis of another set of samples...
by Ira Chernous For the past three months, most media news headlines have been talking about a painful subject that leaves no one indifferent: the war. Since the start of the Russian invasion of Ukraine, the international community has been helping the victims by...
by Kervin Alintanahim Password Protected Docs One of the most recent Emotet samples we received were emails with password protected attachments. Although the malicious document needs an extra step to be accessed compared to just being attached as it is, the additional...
By Floser Bacurio Jr XLL is an Excel Add-in extension file that provides ways to use third-party tools and functions that are not available in Microsoft Excel. It is typically a Dynamic Link Library (DLL) file that can be loaded by Microsoft Excel provided the file...
Office 365 Safe Attachments is a feature of Microsoft 365 Advanced Threat Protection (also known as Microsoft 365 Defender) that provides another layer of protection to incoming emails by scanning its attachments for malicious software. Phishing emails and attacks are...
"Zero-day" is a term that broadly describes a series of recently discovered cybersecurity vulnerabilities hackers utilize to attack systems. This term, "zero-day", often refers to the fact that the developers have just learned about the flaw. Hackers will exploit...
by Maharlito Aquino Key Points: Smishing is causing millions of dollars in losses. Robokiller insights show that consumers have received over 12 billion in robotexts. Fraudsters are smart people who are very good at designing texts that make people take immediate...