Proofpoint researchers observed massive email campaigns with a twist - malicious URLs in the emails lead to purpose-built pages on compromised websites that in turn use Angler to drop Dridex on vulnerable PCs.
Proofpoint researchers continue to see the regular and rapid emergence of new ransomware strains and variants, validating trends observed since the end of 2015.
Proofpoint threat researchers publish their analysis of the top threats and trends of the first three months of 2016.
Proofpoint researchers have been tracking a new banking Trojan since March that has already been used in both targeted and widespread attacks.
Proofpoint researchers recently found a previously undocumented ransomware spreading since the end of March through Bedep after infection via the Angler Exploit Kit (EK). Combining our findings with intelligence shared by Frank Ruiz (Fox IT InTELL) led us to the same conclusion: this project is conducted by the same group that was driving Reveton ransomware operations and is closely tied to Angler/Bedep.
Proofpoint security researchers discover a new exploit in the Magnitude EK that leads to a previously unreported vulnerability in Adobe Flash.
Earlier this year, Proofpoint researchers discovered Locky ransomware.
Targeted and personalized emails combined with a variety of malware represent a new and sophisticated approach from a particular actor we’ve been tracking this year.
So-called "typosquatters" aren't just getting savvier - they have a whole new world of top-level domains to use to trick businesses and consumers into giving up their personal information.
On March 13, 2016, Proofpoint researchers observed a large malvertising campaign hitting many highly-ranked websites including MSN.com, foxnews.com and many others. We also surmised (and later confirmed) that there was video malvertising involved in this campaign. While such campaigns aren't new, this appears to be the first such documented campaign leading to an exploit kit.