Cyren Security Blog

2021 Phishing & BEC Attacks

von

I’ve been very busy this summer, which is why I’m just now reading the 2021 Verizon Data Breach Investigations Report. Here are a few takeaways from the section about the “Social Engineering” attack pattern (read: phishing).

Axie Infinity Player Wallets Targeted by Poisoned Google Ads Content

von

Security Research & Analysis

The top NFT Ethereum-based game Axie infinity lets its users earn SLP (Smooth Love Potion). This potion can be traded as a crypto currency and has recently reached its all-time high value Many people are trying to get into this hot crypto game, and with that comes the risk of getting targeted by threat actors.  

How Phishers Abuse Hypertext Transfer Protocol Secure (HTTPS) Protocol

von

Security Research & Analysis

What is the first thing that comes to mind when we see sites using HTTPS protocol? Subconsciously we tend to trust these sites presuming that all that we see and/or enter there is checked, secured, and verified.

Phishing on Adobe Spark

von

Security Research & Analysis

Threat actors are always on the lookout for inconspicuous ways to execute malicious attacks. One such tactic that has become common is the use of legitimate services as part of phishing campaigns.

Ransomware Attacks Are Here to Stay

von

Ransomware

Following the highly publicized (and successful) $4M+ ransom of Colonial Pipeline, attacks like these will only get more popular.

SolarMarker Backdoor Pretends to be Legit PDFescape Installer

von

The modified installer of legit "PDFescape Desktop Installer" app looks like this: