Cyren Security Blog

Subscribe to this Blog

Data Breach Report Underscores Phishing Risk for Manufacturers

by John Callon

Email Security Industry Insights Phishing Security Research & Analysis

The business impact of phishing is becoming increasingly more pronounced. According to the recently released 2018 Verizon Data Breach Investigations Report, 93% of all reported IT security breaches are the direct result of some form of phishing. The manufacturing industry is likely feeling this impact more than most, with targeted attacks on the rise. 

Double Deceit: Bad Things Come in Pairs

by Maharlito Aquino and Kervin Alintanahin

Email Security Security Research & Analysis Threat Analysis Web Security

The chinese proverb may say that good things come in pairs, but in what appears to be a clever bit of social and technical engineering, we’ve discovered a new email threat carrying not one, but two different malicious attachments as bait, specifically a PDF file and a Microsoft Template file (OpenXML/DOTX), targeting a previously reported Microsoft Office vulnerability in order to deliver the remote access trojan (RAT) known as NetWiredRC. We believe the use of two attachments is intended to make the email seem more legitimate to recipients. Typically hackers only send one malicious attachment—by sending two, the hackers increase the chances that the target will open at least one of them. In addition, the techniques applied within the attachments add a few layers of complexity in both the delivery of the exploit and the final payload, and are intended to help evade detection.

Cybercriminals see real estate firms as profitable

by John Callon

Email Security Industry Insights Malware Phishing Security Research & Analysis Web Security

For the last two to three years, stories about real estate hacking and particularly phishing have appeared with increasing frequency in newspaper and blog headlines. Take for example the cybercriminals who stole client contact information from a DC-area real estate company, and then created a “business email compromise” (BEC) scam, which resulted in $1.5 million being stolen in a phishing/wire fraud scheme from a couple about to close on a home.

Cyber pirates targeting logistics and transportation companies

by John Callon

Email Security Industry Insights Malware Phishing Security Research & Analysis Web Security

In June of 2017, the logistics and transport industry experienced a ‘first’ when almost 80 ports and terminals around the globe either came to a standstill or experienced significant delays, including the Port of New York and New Jersey, the Port of Los Angeles, the port of Rotterdam (Europe’s largest), and the port near Mumbai—India’s largest container port.

Construction Industry Security Threatened by Weak Links

by John Callon

Email Security Industry Insights Malware Phishing Security Research & Analysis Web Security

Remember the big Target breach in 2013, when 40 million credit and debit cards and as many as 110 million email addresses stolen? It cost Target $292 million (according to their annual report), led to 80 lawsuits which took four years to resolve, and cost the CEO his job.

Have Email Threats Finally Worn Down IT Professionals? 80 Opinions on the State of Email Security

by Duncan Mills

Email Security Industry Insights Malware Phishing Ransomware Security Research & Analysis Web Security

Have email threats worn down IT professionals? Cyren recently gathered opinions from the Spiceworks IT community members about the state of email security. Read on to discover the general opinions and feelings of the 80 respondents.