Cyren Security Blog

Subscribe to this Blog

Point, Click and Hack — Phishers Try Wix

by Yaniv Ovitz

Phishing Security Research & Analysis Threat Analysis Web Security

Anyone, including phishers and malware distributors, can make a free website on Wix. Cyren analyzes one example of a Wix page targeting Office 365 users.

IT Security Survey in the UK - 75% Hacked in Past Year

by John Callon

Malware Security Research & Analysis

Cyren teamed with Osterman Research to do in-depth interviews of IT and security professionals on a range of security-related topics at over 100 small and medium-sized organizations ranging in size from 100 to 5,000 employees last month, with the results just released in a comprehensive report.

Global Copycats iPhishing Lost iPhones

by John Callon

Email Security Phishing Security Research & Analysis Threat Analysis

In a post last month, Brian Krebs related the case of an iPhone user in Brazil who, in attempting to recover their phone, suffered a rather insidious phishing attempt. We also had received an almost identical firsthand account — from someone in Israel.

French Ministry “Survey” Delivers Macro Backdoor

by Kervin Alintanahin

Malware Security Research & Analysis Threat Analysis

Thinking of moving to France? Soyez très prudent! That form you're busy filling out may be uploading and downloading files, exfiltrating data, doing reconnaisance of your network — or worse. A criminal malware group behind a sophisticated Excel macro backdoor, which has been targeting Middle Eastern financial institutions since 2015, appears to have diversified to new targets, with Cyren researchers recently discovering the technique being applied to a fake survey document purportedly sent by the French Ministry of Foreign Affairs. 

New Phishing Wave Targets Online Banking and Digital Payment Customers

by Igor Glik

Email Security Phishing Security Research & Analysis Threat Analysis

Cyren researchers are seeing a new phishing technique targeting online banking users from Wells Fargo, Chase and Capital One, along with digital payment customers from Paypal and Venmo, among others.

This new wave of phishing attacks builds on previously known techniques, relying on email recipients clicking on HTML attachments to exploit a weakness in many email security systems, but with the additional twist that data URIs are being hidden in the HTML attachments, according to Cyren threat research analysts.

The new attack technique has taken root quickly in the past month, with nearly 50% of recent phishing attacks seen by Cyren now using HTML attachments.

Email Security Survey: 75% of Companies Hacked in Past Year

by John Callon

Email Security Security Research & Analysis

A new survey conducted by Osterman Research and co-sponsored by Cyren shows that 75% of businesses surveyed incurred a security breach in the past 12 months. The top two...