Threat Insight

Cybersecurity research and commentary on malware, user actions, and other threats to information security
November 29, 2017

Dialing for dollars - Coinminers appearing as malware components, standalone threats across the web

Proofpoint Staff

Although the first Bitcoin was mined in 2009, the value of the “cryptocurrency” and new alternatives like Litecoin and Monero have risen dramatically in recent months.

November 03, 2017

Credential phishing and an Android banking Trojan combine in Austrian mobile attacks

Proofpoint Staff

Proofpoint researchers describe a campaign targeting German-speaking regions in which credential phishing leads to an Android banking Trojan and concludes with an additional phishing scheme executed by the banking Trojan itself.

November 01, 2017

Threat Actor Profile: KovCoreG, The Kovter Saga


Proofpoint researchers detail the history of the threat actor known as the “KovCoreG Gang” and the evolution of the malicious tools they use across a variety of campaigns.

October 25, 2017

Back to the future: Threat actors dust off old tools for new tricks in the Q3 Threat Report

Proofpoint Staff

Proofpoint researchers detail the trends and notable events from the third quarter of 2017.

October 19, 2017

APT28 racing to exploit CVE-2017-11292 Flash vulnerability before patches are deployed

Kafeine, Pierre T

Proofpoint researchers discover one of the first in-the-wild use of the Flash vulnerability CVE-2017-11292 in malicious document attacks by APT28.

October 16, 2017

Leviathan: Espionage actor spearphishes maritime and defense targets

Axel F, Pierre T

Proofpoint researchers track an actor and their attacks on targets with potential military and government interests.

October 06, 2017

Kovter Group malvertising campaign exposes millions to potential malware and fraud

Kafeine and Proofpoint Staff

Proofpoint researchers describe recent malvertising activity by the so-called “KovCoreG group” impacting several high-ranking websites.

September 27, 2017

Threat Actor Profile: TA505, From Dridex to GlobeImposter

Proofpoint Staff

Proofpoint researchers detail the malware and notable campaigns associated with one of the most prolific threat actors: TA505.

September 21, 2017

Retefe banking Trojan leverages EternalBlue exploit in Swiss campaigns

Proofpoint Staff

Proofpoint researchers track versions of the Retefe banking Trojan that use the now infamous EternalBlue exploit to move within networks after initial infections.

September 18, 2017

German elections are on September 24, but spammers have already cast their votes

Proofpoint Staff

As with other recent high-profile elections, Proofpoint researchers have observed a direct correlation among spam volumes, major events, and opinion polls in the German national election.


Stay Connected