Threat Insight

Cybersecurity research and commentary on malware, user actions, and other threats to information security

April 16, 2018

Threat actors follow the money: Proofpoint releases the Human Factor 2018 Report

Proofpoint Staff

Proofpoint researchers detail trends shaping the threat landscape in email, social media, SaaS applications, and more.

April 12, 2018

EITest: Sinkholing the oldest infection chain

Kafeine

Proofpoint researchers detail the evolution of the EITest infection chain and help sinkhole the long-running operation.

April 04, 2018

Bitcoin-related domain registrations rise and fall with the cryptocurrency’s value

Proofpoint Staff

Proofpoint researchers detail how actors are creating Bitcoin-related domains that may be used for typo-squatting attacks and fraud.

March 30, 2018

Sandiflux: Another Fast Flux infrastructure used in malware distribution emerges

Kafeine

Proofpoint researchers studied a previously undocumented botnet providing Fast Flux infrastructure for cybercrime.

March 25, 2018

Unraveling ThreadKit: New document exploit builder used to distribute The Trick, Formbook, Loki Bot and other malware

Axel F, Matthew Mesa

In October 2017, Proofpoint researchers discovered a new Microsoft Office document exploit builder kit that featured a variety of recent exploits as well as a mechanism to report infection statistics.

March 23, 2018

Tax-themed email campaigns steal credentials and spread banking Trojans, RATs, and ransomware

Proofpoint Staff

In 2018, Proofpoint researchers have observed another strong season for tax-themed email lures, and the payloads of these campaigns are representative of broader malware trends and highlight notable differences compared to last year.

March 13, 2018

Drive-by as a service: BlackTDS

Kafeine

Proofpoint researchers track a new web-based attack chain offered as a service to threat actors.

March 07, 2018

Leaked source code for Ammyy Admin turned into FlawedAmmyy RAT

Proofpoint Staff

Proofpoint researchers track campaigns involving a new RAT based on the leaked source code of the Ammyy Remote Administration tool.

January 31, 2018

Smominru Monero mining botnet making millions for operators

Kafeine

Proofpoint researchers analyze a massive Monero mining botnet.

January 29, 2018

Double dipping: Diverting ransomware Bitcoin payments via .onion domains

Proofpoint Staff

Proofpoint researchers track operators of a Tor proxy diverting ransomware payments to their own Bitcoin wallets.
