CYREN Security Blog




Bloggers Beware: Vulnerabilities in WordPress

by Ólöf Kristjánsdottir

Filed under Security Research & Analysis, Web Security.

Increasingly cybercriminals are looking for any avenue possible to conduct an attack, and vulnerabilities in WordPress offer that path or “threat vector” to hackers wishing to gain access to a computer or network in order to deliver malicious content. CYREN discovered several compromised WordPress sites, including one for a supposed Canadian pharmaceutical site selling Viagra.

Finding Dunihi By Houdini

by Lordian Mosuela

Filed under Anti-Malware, Security Research & Analysis.

Last weekend, I found Dunihi on the laptop of my brother in-law who works in a construction corporation. Dunihi is a RAT (Remote Access Tool) written in VBS (Visual Basic Script) that provides backdoor access to the infected system. We detect this as VBS/Dunihi. It may have arrived via infected USB drive, attachment in spammed email or malicious link / hack website. 

Dual Detection Engines—Using Layered Security to Battle Cybercrime

by Avi Turiel

Filed under Anti-Malware, Antispam, Phishing.

As vendors and service providers step-up their efforts to block spam, detect malware, and prevent access to malicious websites for their customers, CYREN engineers and analysts have been asking themselves the question “can more than one embedded engine reduce the risk of cyberattacks?” While a good single engine can provide up to 98% threat detection, the fact of the matter is, no engine is ever going to provide 100% security. We began to wonder how close to 100% security can you get and what it would take to get there.

How Did a Hacker Get Photos of So Many Celebrities in Their Birthday Suits?

by Avi Turiel

Filed under Email Security, Phishing, Web Security.

This week’s big hacking news that the personal iCloud accounts of at least 100 celebrities were compromised and personally “revealing” images stolen off them, seems to have kept the news outlets buzzing for a while.

Phony Robin Williams Phone Video Posts on Facebook

by Avi Turiel

Filed under Security Research & Analysis, Web Security.

There are times when you find the efforts of cybercriminals both amusing and annoying, and then there are times when your contempt for these villainous creeps really gets to you. 

The recent and tragic death of actor and comedian Robin Williams shocked the world. Most people strongly feel that the man should be allowed to rest in peace and his family allowed to grieve privately. Yet, a basic respect for life and death seems to be lacking in the mind of the vast majority of cybercriminals.