Threat Insight

Cybersecurity research and commentary on malware, user actions, and other threats to information security
October 01, 2015

In the Shadows: Vawtrak Aims to Get Stealthier by adding New Data Cloaking

Darien Huss and Matthew Mesa

In what is likely to be a short-lived cessation in Dridex campaigns while the criminal proponents behind that malware scramble to find a new delivery channel, it appears as though other malware purveyors may be positioning themselves to take additional market share of the lucrative crimeware aren

September 28, 2015

Dyreza Campaigners Set Sights on the Fulfillment and Warehousing Industry

Proofpoint Staff

Within the last week, the now infamous “man-in-the-browser” (MITB) banking malware Dyreza appears to have significantly expanded its target set of entities from which to steal credentials.

September 24, 2015

Meet GreenDispenser: A New Breed of ATM Malware

Thoufique Haq

On the heels of recent disclosures of ATM malware such as Suceful, Plotus and Padpin (aka Tyupkin), Proofpoint research has discovered yet another variant of ATM malware.

September 18, 2015

Operation Arid Viper Slithers Back into View

Proofpoint Staff

Earlier this year, researchers published analyses of targeted attack known as Operation Arid Viper (aka Desert Falcons, aka DHS) directed primarily at organizations in the Middle East.

September 15, 2015

In Pursuit of Optical Fibers and Troop Intel: Targeted Attack Distributes PlugX in Russia

Thoufique Haq & Aleksey F

Proofpoint researchers recently observed a campaign targeting telecom and military in Russia. Beginning in July 2015 (and possibly earlier), the attack continued into August and is currently ongoing.

September 04, 2015

Too Many Crooks in the Kitchen

Proofpoint Staff

What happens when threat actors overload an exploit kit? Proofpoint researchers open door of a malware clown car.

August 27, 2015

Hunter Exploit Kit Targets Brazilian Banking Customers

Proofpoint Staff

Proofpoint threat researchers analyze a new exploit kit priced to bring flexible malware delivery to cost-conscious cybercriminals.

August 14, 2015

You Dirty RAT: Analyzing an AlienSpy Payload

Thoufique Haq

The media recently reported [1] on a potential targeted cyberattack on Alberto Nisman, an Argentine prosecutor who was found dead under mysterious circumstances.

August 13, 2015

Proofpoint Threat Report: Top trends of 2015 so far

Proofpoint Staff

Proofpoint review of threat trends for the first six months of 2015 finds that cybercriminals have changed tactics and techniques as they target business users with increasingly malicious campaigns.

August 06, 2015

Dead phish bounce: Alerting to brand risk with email backscatter

Proofpoint Staff

Proofpoint threat analysts show how the backscatter from bounced phishing messages can alert ab organization that their brand is being misused to carry out credential phishing.