CYREN Security Blog

 

Articles

Categories

Revisiting Old Cybercriminal Techniques: PSYME Malware Revival

by Erwin Balunsat

Filed under malware, Security Research & Analysis.

Zeus, ZeuS, or Zbot; a Trojan horse computer malware, has been around for a long time. It is known that the Zeus bot sends out spam emails that contain an executable binary which will download and install a bot program into the affected machine. Recently, we detected a Zeus Bot employing an old malware type to propagate – the famous Psyme. CYREN captured a new variant of Psyme which arrived as an attachment to a spammed email (Figure 1) sent by an infected machine or unsuspecting user.

Security-as-a-Service: Applied Cyber Intelligence for Enterprises

by Chris Taylor

Filed under Miscellaneous, Web Security.

When applying the concept of trust to the security-as-a-service (SecaaS) delivery model, it is useful to think in terms of security history. With access to the Internet and email came viruses, spam drive-by downloads and phishing, and the corresponding perimeter security software and hardware to protect corporate systems.  But, software always needs upgrading and security experts must try to remain abreast of the latest threats while it seems as if the cybercriminal is always one-step ahead. 

No Hidden camera on fake Youtube/Vimeo pages – only hidden malware

by Lordian Mosuela

Filed under Anti-Malware, Malware Analysis, Security Research & Analysis.

Last week, CYREN detected interesting emails that contained links to fake video pages. We have included a screenshot of the email. The rough translation of the subject line is “hidden camera in their house”, and the Youtube link looks like it might deliver the goods – but of course the only hidden part is the Rovnix banking Trojan.  

Destroying the ROI of Cybercrime– Part 2

by Chris Taylor

Filed under Miscellaneous, Web Security.

In the battle to defend against the ever-increasing volume and variety of threats, security solutions like firewalls, signature-based antivirus, and blacklisting may be ineffective.  This is because the criminals know that the data that powers them may lag new threats by days or even weeks.  Cybercriminals have now further raised the stakes by developing malware that incorporates evasion techniques to ‘sense’ when it is being inspected by security tools and turn off malicious operations until the inspection ends.  These combine to create a security “gap”.

Destroying the ROI of Cybercrime – Part 1

by Chris Taylor

Filed under Miscellaneous, Web Security.

2015 will be another tough year in the continuing fight against cybercrime.  Today’s Internet threat landscape is highly dynamic, as thousands of malicious actors disseminate hundreds of millions of global threats daily.  While some actors are hacktivist organizations and even nation-states, the main threat remains that of well-funded cybercriminal gangs. Their goals are simple: to steal data that can be readily monetized - such as credit card data, or vital intellectual property – and generate a high return on investment (ROI) from their efforts.