Threat Insight

Cybersecurity research and commentary on malware, user actions, and other threats to information security
February 10, 2015

Looking for Love in All the Wrong Places

Proofpoint Staff

Social media data scams can lead victims to look for love in the wrong places.

February 05, 2015

Dyre Straits: Evolution of the Dyre Banking Trojan Challenges Traditional Defenses

Proofpoint Staff

The sudden and rapid evolution of Dyre to incorporate evasion techniques often associated with more sophisticated, targeted threats highlights a central challenge of today’s threat landscape.

January 29, 2015

Social Media and Brand Risk: Sometimes You Play the Game, Sometimes the Game Plays You

Proofpoint Staff

Social media is a whole new ballgame for cybersecurity, and most businesses have yet to organize their defense for this new challenge.

January 27, 2015

Tax Return Malware Attacks – Hidden Penalty, Early Withdrawal

Proofpoint Staff

April 15 is still months away, but phishers are already filing their campaigns in hopes of an early return. 

January 22, 2015

Now What? Why We Should Talk About Incident Response

Proofpoint Staff

Information security often focuses on the "cool" exploit and detection side of cyber-defense, but the importance of incident response is gaining attention.

January 14, 2015

In Russia, the Phish Spear You

Proofpoint Staff

Spearfishing and spear-phishing may be homonyms, but they have vastly different meanings and apply in very different contexts. Spearfishing is a form of fishing in which the fisherman attempts to impale a fish upon a spear, which can be thr

December 23, 2014

New Dridex Botnet Drives Massive Surge in Malicious Attachments


The Dridex banking Trojan is already well-known and documented in analyses by security researchers from Proofpoint and other organizations.

December 17, 2014

Cybersecurity Predictions for 2015

Proofpoint Staff

2014 was a year in which information security vaulted into the public eye, driven by a surge in both the number and the visibility of data breaches and compromises. 

December 04, 2014

Phishing Kampagne mit gefälschten Kontoauszügen oder Paketankündigungen verbirgt "Emotet Malware" vor deutschen Nutzer

Proofpoint Staff

In den vergangenen Wochen hat Proofpoint eine ziemlich große, fortlaufende Kampagne mit unerwünschten E-Mails erkannt, die deutsche Anwender mit Phishing-Ködern zu locken versucht, um den Banking-Trojaner Emotet auf ihre Rechner zu bringen. Die Kampagne trickst die Reputationsfilter aus, indem pro Tag auf Dutzenden manipulierter Websites geklickt wird, von denen E-Mails mit einer gängigen und effektiven Vorlage des Typs „Kontobenachrichtigung“ verschickt werden.

December 04, 2014

Account Statement Phish Masks Emotet Malware to German Users

Proofpoint Staff

Over the past several weeks Proofpoint has detected a fairly large and ongoing unsolicited email campaign that targets German users with phishing lures designed to deliver the Emotet banking Trojan. The campaign stays ahead of reputation filters by cycling through several dozen compromised websites per day, delivering emails that employ a common and effective “account notification” template.


Stay Connected