CYREN Security Blog




New Macro Malware Uses Fake Google Enterprise Support Email

by Lordian Mosuela

Filed under Anti-Malware, Malware Analysis, Security Research & Analysis.

In the past months of analyzing malware samples, macro malware has been on the rise.  Last week, we received a fake email of Google Enterprise Support with an attachment file "Info> Wire_info_60255.doc". 

Prediction: I’ll never pay for identity theft protection again – and that’s not a good thing.

by Daisy Spiridopoulos

Filed under Miscellaneous, Web Security.

I received my third letter in as many years this morning from a business telling me that their network was breached and my personal information compromised. In this case, the business was Anthem, and I’m queasier about this one since the list of information possibly taken is the longest yet: names, dates of birth, Social Security numbers, health care ID numbers, home addresses, email address and employment information - including income data. 


by Avi Turiel

Filed under Miscellaneous, Security Research & Analysis, Web Security.

The Internet of Things (IoT) is hot. From light bulbs to refrigerators to smart TVs, companies are under tremendous pressure to get new IoT devices to market and consumers are instantly snapping them up. In fact, the number of devices that are or will shortly be connected to the Internet is rising rapidly. According to Gartner, by 2020 there will be more than 26 billion IoT devices in operation. 

Old-New Macro malware meets Old-New “missed courier delivery” Trick

by Rommel Ramos

Filed under Anti-Malware, Malware Analysis, Security Research & Analysis.

We have covered the resurgence of macro malware at length in our Security Yearbook.  Recap – after an absence of around 10-15 years macro malware returned with a vengeance in the last 2 months of 2014.  This time the new-old malware is paired with a favorite of the email malware crowd – the courier delivery letter.  The text is well known – you have received a package; the tracking slip is attached; you just HAVE TO open the attachment because you missed the package (what could it have been???)

Big Breaches Made The Headlines in 2014 - But The Real Threat Lies Elsewhere

by Lior Kohavi

Filed under Anti-Malware, Email Security, Security Research & Analysis, Web Security.

Looking back on 2014, it has been an incredibly dynamic year in the world of cyberthreats. It takes only two names to sum up the impact the cybercriminal had on the 2014 headlines: Home Depot and Sony. The Home Depot breach yielded about 110 million stolen pieces of sensitive information, including social security numbers and email addresses. And, in a classic case of hacktivism, Sony lost more than just emails and employee social security numbers; it suffered significant brand damage.