Cyren Security Blog

Companion Ransomware — 2-for-1 Malware Distribution

by Maharlito Aquino

Malware Ransomware Threat Analysis

As reported in February, Cerber and other ransomware groups are now offering Ransomware-as-a-Service, giving affiliates/partners a percentage of the collected ransom. 

In a new sort of "two-for-one" malware deal, Cyren has detected variants of the Kovter click-fraud malware being distributed with “companion” Cerber ransomware by the Kovter malware team.

Global Copycats iPhishing Lost iPhones

by John Callon

Email Security Phishing Security Research & Analysis Threat Analysis

In a post last month, Brian Krebs related the case of an iPhone user in Brazil who, in attempting to recover their phone, suffered a rather insidious phishing attempt. We had also received an almost identical firsthand account — from someone in Israel.

Krebs Exposed IoT Botnet Mastermind — Think That's the End?

by Avi Turiel

Botnets Malware Threat Analysis Web Security

For several years, cybersecurity professionals have been predicting an impending malware onslaught, originating from Internet of Things (IoT) devices—“smart” everyday household items that can connect to the Internet, such as refrigerators, WiFi routers, DVRs, baby monitors, security cameras, thermostats, and so forth.

French Ministry “Survey” Delivers Macro Backdoor

by Kervin Alintanahin

Malware Security Research & Analysis Threat Analysis

Thinking of moving to France? Soyez très prudent! That form you're busy filling out may be uploading and downloading files, exfiltrating data, doing reconnaissance of your network — or worse. A criminal malware group behind a sophisticated Excel macro backdoor, which has been targeting Middle Eastern financial institutions since 2015, appears to have diversified to new targets, with Cyren researchers recently discovering the technique being applied to a fake survey document purportedly sent by the French Ministry of Foreign Affairs.

New Phishing Wave Targets Online Banking and Digital Payment Customers

by Igor Glik

Email Security Phishing Security Research & Analysis Threat Analysis

Cyren researchers are seeing a new phishing technique targeting online banking users from Wells Fargo, Chase and Capital One, along with digital payment customers from PayPal and Venmo, among others.

This new wave of phishing attacks builds on previously known techniques, relying on email recipients clicking on HTML attachments to exploit a weakness in many email security systems, but with the additional twist that data URIs are being hidden in the HTML attachments, according to Cyren threat research analysts.

The new attack technique has taken root quickly in the past month, with nearly 50% of recent phishing attacks seen by Cyren now using HTML attachments.

New Cerber Ransomware-as-a-Service Causing Fresh Outbreaks

by Kervin Alintanahin

Malware Ransomware Threat Analysis

Cyren is now detecting fresh outbreaks of Cerber ransomware being distributed using variants of a popular malware distribution tool known as “Nemucod”.