Cybersecurity

Threat Insight

Cybersecurity research and commentary on malware, user actions, and other threats to information security
October 02, 2018

DanaBot Gains Popularity and Targets US Organizations in Large Campaigns

Proofpoint Staff

Proofpoint researchers describe new campaigns using the DanaBot banking Trojan.

September 11, 2018

New modular downloaders fingerprint systems - Part 3: CobInt

Proofpoint Staff

Proofpoint researchers provide new analysis of a downloader called CobInt, associated with the Cobalt Group but following a new trend of small-footprint, modular loaders.

August 23, 2018

New modular downloaders fingerprint systems - Part 2: AdvisorsBot

Proofpoint Staff

Proofpoint researchers detail a previously undocumented downloader and a PowerShell/.NET rewrite of the new malware

August 16, 2018

New modular downloaders fingerprint systems, prepare for more - Part 1: Marap

Proofpoint Staff

Proofpoint researchers detail a new downloader used in large campaigns that pave the way for future attacks.

August 15, 2018

Homebuyers routinely phished for credentials with real estate-related lures

Sherrod DeGrippo

Proofpoint researchers track several phishing schemes using real estate lures designed to steal credentials from potential homebuyers.

August 07, 2018

Proofpoint Threat Report: Ransomware returns but banking Trojans keep the top spot in the second quarter of 2018

Proofpoint Staff

Proofpoint researchers provide a snapshot and analysis of the changing threat landscape in the second quarter of this year.

July 30, 2018

New version of AZORult stealer improves loading features, spreads alongside ransomware in new campaign

Proofpoint Staff

Proofpoint researchers detail recent updates to the AZORult information stealer.

July 25, 2018

Parasite HTTP RAT cooks up a stew of stealthy tricks

Proofpoint Staff

Proofpoint researchers analyze a stealthy new remote access Trojan.

July 24, 2018

Kronos Reborn

Proofpoint Staff

Proofpoint researchers examine a new version of the Kronos banking Trojan.

July 19, 2018

TA505 Abusing SettingContent-ms within PDF files to Distribute FlawedAmmyy RAT

Proofpoint Staff

Proofpoint researchers detail a large campaign abusing the DeepLink object in SettingContent-ms files embedded in PDF documents.

Pages

TWITTER @THREATINSIGHT