CYREN Security Blog

 

Articles

Categories

Web Security in Asia Pacific

by Sylvain Lejeune

Filed under Miscellaneous, Web Security.

A recent World Economic Forum report notes that major technology trends, including massive analytics, cloud computing, and big data, could create between $9.6 trillion and $21.6 trillion (US dollars) in value for the global economy. However, delays in adopting cybersecurity capabilities could result in a $3 trillion loss in economic value. The way employees approach computing and the Internet is changing. Gone are the days of desktop computers and servers, safely protected behind firewalls. Today, employees work remotely and globally, using laptops, smart phones, and tablets. Data is at their fingertips, delivered on-demand via cloud computing. In fact, more than half of the world’s mobile subscribers are located in the Asia Pacific region and Asia-Pac is anticipated to remain one of the world’s fastest growing mobile markets through 2020 and beyond.

Home Depot Breach Results in First Phishing Scam

by Avi Turiel

Filed under Phishing, Security Research & Analysis, Web Security.

It didn’t take long for scammers to catch a ride on the Home-Depot-data-breach wave. Last week, CYREN caught and blocked emails claiming to be from American Express, containing the “subject header” “American Express – Security concern on Data breach at Home Depot.” 

ShellShock's Payload Leads to Malware

by Lordian Mosuela

Filed under Anti-Malware, Malware Analysis.

Shellshock exploded on the scene last week, making headlines in major newspapers and security blogs.  Shellshock is a security hole in the Unix/Linux “Bash” Shell. Bash is a command processor that typically runs in a text window, allowing the user to type commands which cause actions.  For the non-Linux/UNIX users among us, it is roughly equivalent to cmd.exe (Windows) or command.com (DOS).  So, generally not the place to go if you love using a mouse.  

A Little Phishing Story

by Frank Rickert

Filed under Phishing, Web Security.

You receive an email (purportedly from Amazon.de) informing you that to protect your identity they would like to give you a new Amazon email address. Amazon.de assures you that their system is fraud-proof, as they use advanced filtering techniques to prevent unwanted emails. Further, they remind you that if you update your email address, Amazon will retain all emails sent to this new address, in accordance with their “A-to-Z Guarantee”. All you need to do is click below and respond to the email.

Bloggers Beware: Vulnerabilities in WordPress

by Ólöf Kristjánsdottir

Filed under Security Research & Analysis, Web Security.

Increasingly cybercriminals are looking for any avenue possible to conduct an attack, and vulnerabilities in WordPress offer that path or “threat vector” to hackers wishing to gain access to a computer or network in order to deliver malicious content. CYREN discovered several compromised WordPress sites, including one for a supposed Canadian pharmaceutical site selling Viagra.