Threat Insight
Jaff - New Ransomware From the Actors Behind the Distribution of Dridex, Locky, and Bart
Proofpoint researchers analyze new ransomware from the actors who brought us Dridex, Locky, and Bart.
Introducing Loda Malware
Proofpoint researchers describe a previously undocumented keylogger and remote access Trojan called Loda.
APT Targets Financial Analysts with CVE-2017-0199
Proofpoint researchers track a China-based APT actor and their attacks on financial services analysts covering the telecommunications industry.
Facebook Spam Botnet Trades Account Access for Likes
Proofpoint researchers analyze a Facebook spam botnet that uses a legitimate app and the human factor to spam a major media company.
Philadelphia Ransomware Brings Customization to Commodity Malware
Proofpoint researchers track the changing ransomware landscape and examine the use of commodity ransomware in targeted attacks on healthcare organizations.
A Quiet Quarter Ends With a Bang: Proofpoint Q1 Threat Report
Proofpoint researchers track the latest trends in malware and online threats for the first quarter of the year.
Dridex Campaigns Hitting Millions of Recipients Using Unpatched Microsoft Zero-Day
Proofpoint researchers have discovered that Dridex actors are already using CVE-2017-0199, a Microsoft Word zero-day first publicly revealed this weekend and patched April 11.
High-Volume Dridex Campaigns Return, First to Hit Millions Since June 2016
Proofpoint researchers track several new high-volume Dridex campaigns - the first to hit millions of recipients since May 2016.
Mobile Malware Masquerades as POS Management App
Proofpoint researchers examine a new piece of mobile malware that purports to be a point-of-sale management app but is actually a powerful information stealer.
Magnitude Actor Adds a Social Engineering Scheme for Windows 10
Proofpoint researchers provide background on Magnitude activity and explore a newly added social engineering scheme