Threat Insight

Cybersecurity research and commentary on malware, user actions, and other threats to information security
April 05, 2016

Phish Scales: Malicious Actor Combines Personalized Email, Variety of Malware To Target Execs

Matthew Mesa

Targeted and personalized emails combined with a variety of malware represent a new and sophisticated approach from a particular actor we’ve been tracking this year.

March 30, 2016

.om Is Not .com – Attackers Increasing Use of Typosquatting

Christopher Dawson

So-called "typosquatters" aren't just getting savvier - they have a whole new world of top-level domains to use to trick businesses and consumers into giving up their personal information.

March 18, 2016

Video Malvertising Bringing New Risks to High-Profile Sites

Proofpoint Staff

On March 13, 2016, Proofpoint researchers observed a large malvertising campaign hitting many highly-ranked websites including and many others. We also surmised (and later confirmed) that there was a video malvertising involved in this campaign. While such campaigns aren't new, this appears to be the first such documented campaign leading to an exploit kit.

March 17, 2016

Gone Tax Phishing ’til April 18th

Proofpoint Staff

Obfuscation, sophisticated lures, and well-written phishing kits combine to make this a risky tax season for unsuspecting filers.

March 14, 2016

Bank robbery in progress: New attacks from Carbanak group target banks in Middle East and US

Aleksey F, Darien Huss, Chris Wakelin, Chris I, and Proofpoint Staff

The Carbanak gang appears to be back, and Proofpoint researchers analyze the early stages of a campaign that could steal another billion dollars.

March 10, 2016

Death Comes Calling: Thanatos/Alphabot Trojan Hits the Market

Proofpoint Staff

Proofpoint researchers have identified a new Trojan with robust functionality from authors who also appear to be prepared to offer a complete ecosystem of tools for malicious actors.

March 04, 2016

Beyond Vanilla Phishing - Impostor Email Threats Come of Age

Christopher Dawson

Phishing isn't going anywhere - it's simply adapting to improved detection techniques to better target users and increase the payoffs from attacks.

March 01, 2016

Operation Transparent Tribe - APT Targeting Indian Diplomatic and Military Interests

Darien Huss

Proofpoint researchers uncover details about an advanced persistent threat against Indian diplomatic and military interests, centered around a remote access Trojan called MSIL/Crimson.

February 26, 2016

Nymaim Moves Past Its Ransomware Roots - What Is Old Is New Again

Proofpoint Staff

Proofpoint researchers track new campaigns using the not-so-new Nymaim Trojan. But some new twists are making this malware far more troublesome, including distribution via a large email marketing provider instead of the usual botnets.

February 23, 2016

The Human Factor 2016: People are the key

Proofpoint Staff

The Human Factor reveals not just who is clicking what, but how threat actors are using social engineering to get people to perform the work of automated exploits.


Stay Connected