Threat Insight

Cybersecurity research and commentary on malware, user actions, and other threats to information security
June 01, 2017

Microsoft Word Intruder Integrates CVE-2017-0199, Utilized by Cobalt Group to Target Financial Institutions

Matthew Mesa, Axel F, Pierre T, Travis Green

Proofpoint researchers track the actor known as Cobalt using Microsoft Word Intruder (MWI) and a well-known vulnerability to target financial institutions.

May 31, 2017

What Election Spam Can Tell Us About Candidates and Election Outcomes

Proofpoint Staff

After multiple election cycles, Proofpoint researchers point to relationships between spam volumes and election outcomes.

May 25, 2017

“Where are the exploits of yesteryear?” Marking one year since a major EK featured a new unpatched vulnerability

Proofpoint Staff

Proofpoint researchers track the effectiveness of exploit kits and the declining availability of unpatched vulnerabilities.

May 15, 2017

Adylkuzz Cryptocurrency Mining Malware Spreading for Weeks Via EternalBlue/DoublePulsar


Proofpoint researchers have discovered another massive ongoing attack using EternalBlue/DoublePulsar to spread the cryptocurrency miner Adylkuzz.

May 11, 2017

Jaff - New Ransomware From the Actors Behind the Distribution of Dridex, Locky, and Bart

Proofpoint Staff

Proofpoint researchers analyze new ransomware from the actors who brought us Dridex, Locky, and Bart.

May 10, 2017

Introducing Loda Malware

Proofpoint Staff

Proofpoint researchers describe a previously undocumented keylogger and remote access Trojan called Loda.

April 27, 2017

APT Targets Financial Analysts with CVE-2017-0199

Axel F

Proofpoint researchers track a China-based APT actor and their attacks on financial services analysts covering the telecommunications industry.

April 26, 2017

Facebook Spam Botnet Trades Account Access for Likes

Proofpoint Staff

Proofpoint researchers analyze a Facebook spam botnet that uses a legitimate app and the human factor to spam a major media company.

April 25, 2017

Philadelphia Ransomware Brings Customization to Commodity Malware

Proofpoint Staff

Proofpoint researchers track the changing ransomware landscape and examine the use of commodity ransomware in targeted attacks on healthcare organizations.

April 21, 2017

A Quiet Quarter Ends With a Bang: Proofpoint Q1 Threat Report

Proofpoint Staff

Proofpoint researchers track the latest trends in malware and online threats for the first quarter of the year.


Stay Connected