Cyren Security Blog

Subscribe to this Blog

Office 365 Security Budgets Increase to Stop Phishing

by John Callon

Email Security Phishing Security Research & Analysis

With 78 percent of businesses that utilize Office 365 reporting one or more successful cyberattacks this year, it’s not surprising that IT managers at over half of Office 365-enabled organizations also say they’ve increased their security spending by a robust average 18 percent compared to 2017. 

Evasive Phishing is Targeting Office 365

by John Callon

Phishing Security Research & Analysis

Phishing emails targeting Office 365 customers are increasing dramatically and are the top source of security breaches, according to an Osterman Research survey commissioned by Cyren. Fifty-four percent of organizations using Office 365 as their corporate email platform reported at least one successful phishing attack during the past 12 months, although usually far more than one—the average number of phishing breaches reported was 11.7. 

Fileless Malware Already Targeting Holiday Suppliers

by Maharlito Aquino and Kervin Alintanahin

Security Research & Analysis Threat Analysis

It gets earlier and earlier every year. The first Yuletide-related malware campaign has already been spotted. There’s always an expected and monumental amount of consumer spam and phishing in the run-up to Black Friday and then Christmas itself, but we’ve found one malware author getting into the Christmas “spirit” in late October by targeting backdoor-delivering emails at the Yuletide supply chain, specifically Christmas goods suppliers whose preparations for the year-end commercial convulsion are well underway.

Not-Really-Password-Protected Evasion Technique Resurfaces

by Maharlito Aquino and Kervin Alintanahin

Security Research & Analysis Threat Analysis

Today we came across an e-mail with an Excel Workbook attachment, which upon first inspection appears to be password-protected. The presence of the EncryptedPackage stream in an OLE2 document indicates that it is protected by a password, which obviously would require the user to enter one in order to open the document properly. Or at least that’s what the bad guys would like email or AV scanners to think. 

Police Phishing Attack Targets Bank Credentials

by Magni Reynir Sigurðsson

Phishing Security Research & Analysis Threat Analysis

An email impersonating the Icelandic police was sent to thousands of Icelanders this past weekend, falsely requesting the recipient come in for questioning.

Survey Says 44% of Companies Phished This Year

by John Callon

Email Security Phishing Ransomware Security Research & Analysis Web Security

The third annual Cyren-Osterman Research U.S. security survey shows a significant increase in phishing emails getting through to users and in the number of successful phishing attacks suffered by businesses during the past 12 months, among many topics covered in the 16-page report, "IT Security at SMBs: 2017 Benchmarking Survey", available for free download.