Proofpoint researchers recently found a previously undocumented ransomware spreading since the end of March through Bedep after infection via the Angler Exploit Kit (EK). Combining our findings with intelligence shared by Frank Ruiz (Fox IT InTELL) lead us to the same conclusion: this project is conducted by the same group that was driving Reveton ransomware operations and is closely tied to Angler/Bedep.
Proofpoint security researchers discover a new exploit in the Magnitude EK that leads to a previously unreported vulnerability in Adobe Flash.
Earlier this year, Proofpoint researchers discovered Locky ransomware.
Targeted and personalized emails combined with a variety of malware represent a new and sophisticated approach from a particular actor we’ve been tracking this year.
So-called "typosquatters" aren't just getting savvier - they have a whole new world of top-level domains to use to trick businesses and consumers into giving up their personal information.
On March 13, 2016, Proofpoint researchers observed a large malvertising campaign hitting many highly-ranked websites including MSN.com, foxnews.com and many others. We also surmised (and later confirmed) that there was a video malvertising involved in this campaign. While such campaigns aren't new, this appears to be the first such documented campaign leading to an exploit kit.
Obfuscation, sophisticated lures, and well-written phishing kits combine to make this a risky tax season for unsuspecting filers.
The Carbanak gang appears to be back, and Proofpoint researchers analyze the early stages of a campaign that could steal another billion dollars.
Proofpoint researchers have identified a new Trojan with robust functionality from authors who also appear to be prepared to offer a complete ecosystem of tools for malicious actors.
Phishing isn't going anywhere - it's simply adapting to improved detection techniques to better target users and increase the payoffs from attacks.