Cyren Security Blog

A view from the exhibition floor: three takeaways from Infosecurity Europe

by Duncan Mills

infosec Infosecurity Europe

This year’s Infosecurity Europe yet again made me realise that I am privileged to work in such an exciting industry. As always, there was a lot of hype to cut through, but once you did, there were great insights to be found. Here are my top three takeaways from walking the floor.

It’s Back! Facebook Cryptominer Worm Reemerges

by Maharlito Aquino and Kervin Alintanahin

Back in 2017, we wrote a blog post about malware spreading on Facebook, and it turns out that both the post and the malware continue to be relevant today. At the time we analyzed part of the 2017 Digmine campaign that installed a cryptominer payload, and (lo and behold!) just last month this campaign reemerged on Facebook with a new variant that uses the files section of Facebook groups and employs tactics similar to those used two years ago. We decided to monitor and break down one of them to discover whether there is really any new behavior we might alert you to.

Phishing Targeting Real Estate Firms

by John Callon

For the last three years, stories about real estate hacking and particularly phishing have appeared with increasing frequency in newspaper and blog headlines. Take for example the cybercriminals who stole client contact information from a DC-area real estate company, and then created a “business email compromise” (BEC) scam, which resulted in $1.5 million being stolen in a phishing/wire fraud scheme from a couple about to close on a home.

Apple Phishing Bait Has a Lot of Hooks

by Maharlito Aquino and Kervin Alintanahin

In general, a lot of phishing has been moving the embedded links the recipient is intended to click on from the body of the email into an attachment, in order to increase the odds of evading detection and, we theorize, as a kind of “social engineering” ploy to move the user along quickly and get them into a clicking frame of mind. During recent analysis of malicious PDF samples, we saw a lot of Apple-themed phishing content and thought it might be instructive to share how rich and varied the world of Apple phishing has become. We illustrate this with some real-world examples for you. From purchases in the app store to a range of activities using one’s Apple ID, threat actors have developed many ways to entice users to click on that malicious link that leads to the theft of precious Apple credentials.

Emotet: From a Banking Trojan to One of the Most Advanced Botnets

by Tinna Thuridur Sigurdardottir and Sarah Neubauer

Email Security Malware Threat Analysis

In 2014, the Emotet malware started as a banking Trojan targeting European bank customers. Back then, nobody expected this malware would evolve into one of the most dangerous botnets in the world.

Ransomware Overshadowed by Phishing, But It's Not Dead Yet

by John Callon

Industry Insights Malware Ransomware

According to several recent surveys, phishing may have surpassed ransomware as the top concern for IT and security managers, and there may not be a single ransomware out there to capture the collective imagination like Locky did in 2016. But don't be misled: ransomware remains alive and well. Recent targeted Ryuk attacks have been hammering businesses, like the December infection at Tribune Publishing in Chicago.