The sudden and rapid evolution of Dyre to incorporate evasion techniques often associated with more sophisticated, targeted threats highlights a central challenge of today’s threat landscape.
Social media is a whole new ballgame for cybersecurity, and most businesses have yet to organize their defense for this new challenge.
April 15 is still months away, but phishers are already filing their campaigns in hopes of an early return.
Information security often focuses on the "cool" exploit and detection side of cyber-defense, but the importance of incident response is gaining attention.
The Dridex banking Trojan is already well-known and documented in analyses by security researchers from Proofpoint and other organizations.
2014 was a year in which information security vaulted into the public eye, driven by a surge in both the number and the visibility of data breaches and compromises.
Over the past several weeks Proofpoint has detected a fairly large and ongoing unsolicited email campaign that targets German users with phishing lures designed to deliver the Emotet banking Trojan. The campaign stays ahead of reputation filters by cycling through several dozen compromised websites per day, delivering emails that employ a common and effective “account notification” template.
Phishing Kampagne mit gefälschten Kontoauszügen oder Paketankündigungen verbirgt "Emotet Malware" vor deutschen Nutzer
In den vergangenen Wochen hat Proofpoint eine ziemlich große, fortlaufende Kampagne mit unerwünschten E-Mails erkannt, die deutsche Anwender mit Phishing-Ködern zu locken versucht, um den Banking-Trojaner Emotet auf ihre Rechner zu bringen. Die Kampagne trickst die Reputationsfilter aus, indem pro Tag auf Dutzenden manipulierter Websites geklickt wird, von denen E-Mails mit einer gängigen und effektiven Vorlage des Typs „Kontobenachrichtigung“ verschickt werden.
The insider view of a Russian cybercrime infrastructure. Proofpoint security researchers have published an analysis that exposes the inner workings of a cybercrime operation targeting online banking credentials for banks in the United States and Europe.