CYREN Security Blog




The State of Corporate Security

by Lior Kohavi

Filed under Miscellaneous, Security Research & Analysis, Web Security.

The Companies—Home Depot, JP Morgan Chase, Target.
The Information—56 million credit cards, 76 million ‘households’, 7 million small businesses,
and 110 million accounts.
The Impact—According to recent reports, Home Depot estimates that investigation, credit monitoring, call
center, and other costs could top $62 million. Target’s stock fell by almost 14% in the months following news
of the breach, with profits down 46% by the end of Q4 2013, and breach-related expenses totaling $146 million.
The impact of the JP Morgan Chase data breach has yet to be determined, but early reports suggest the costs
could top that of Target.

CYREN Notes Botnet Expansion: Increase in Malware Distribution Correlates with Decrease in Spam—Companies Urged to Remain Alert to Malware Detection and Mitigation

by Eyal Matzkel

Filed under Anti-Malware, Security Research & Analysis.

In recent weeks, CYREN has noted a dramatic increase in the number of active malware-sending bots, which appears to correlate with a slowdown in spam-sending bots. Periodically throughout the year, CYREN analysts see these types of fluctuations. Reasons vary, although CYREN analysts suspect that botnet owners are “repurposing”, with the primary objective to expand the botnet; malware is increasing and the reduction in spam volume comes from the cybercriminal’s desire to expand and “groom” the botnet. By using the bots to send out malware (instead of spam), the cybercriminal is able to “recruit” new bots and further mature the botnet.  Once the botnet has been suitably developed it can be repurposed to start sending out spam again.  

Addressing the Growing Threat of Phishing Attacks

by Sylvain Lejeune

Filed under Phishing, Web Security.

Phishing attacks have seen considerable growth over the past few years. Here are just a few of the astounding facts:

  • In 2013, CYREN observed a 264% increase in phishing scams.
  • Almost 70% of all IT professionals observe and experience a phishing attack at least once a week.
  • PayPal remains the #1 target of phishing, with over 1,000 new PayPal phishing sites every day.

Q3 Threat Report Highlights: Apple User Phishing Up 246%, Celebrity and Corporate Hacks, Cybercriminals Exploit Tragedy, and Spam and Malware Continue Unabated.

by Avi Turiel

Filed under Security Research & Analysis.

From celebrity hacking to major corporate data breaches, the third quarter of 2014 demonstrated the lengths cybercriminals will go in order to obtain sensitive and private information. In early September, the world learned of a major breach to celebrity Apple iCloud accounts, likely achieved either through highly targeted phishing or using research techniques similar to those honed by “Hollywood Hacker” Chris Chaney. Following the announcement of the celebrity iCloud breach, CYREN also noticed a significant uptick in phishing scams targeted at Apple users; overall, phishing scams targeting Apple users were up 246% from the first quarter.

UPDATE: CYREN Continues to Analyze Significant Malware Attack

by Avi Turiel

Filed under Security Research & Analysis.

For the last 24 hours, CYREN’s Virus Outbreak Detection (VOD) has been monitoring a significant malware attack, with over 80% of all malware passing through the CYREN VOD system containing this Trojan virus with obfuscated Visual Basic macro code. As we delve more deeply into our analysis of the virus, we are learning more.