Proofpoint researchers detail the evolution of the EITest infection chain and help sinkhole the long-running operation.
Proofpoint researchers detail how actors are creating Bitcoin-related domains that may be used for typo-squatting attacks and fraud.
Proofpoint researchers studied a previously undocumented botnet providing Fast Flux infrastructure for cybercrime.
Unraveling ThreadKit: New document exploit builder used to distribute The Trick, Formbook, Loki Bot and other malware
In October 2017, Proofpoint researchers discovered a new Microsoft Office document exploit builder kit that featured a variety of recent exploits as well as a mechanism to report infection statistics.
In 2018, Proofpoint researchers have observed another strong season for tax-themed email lures, and the payloads of these campaigns are representative of broader malware trends and highlight notable differences compared to last year.
Proofpoint researchers track a new web-based attack chain offered as a service to threat actors
Proofpoint researchers track campaigns involving a new RAT based on the leaked source code of the Ammyy Remote Administration tool.
Proofpoint researchers analyze a massive Monero mining botnet.
Proofpoint researchers track operators of a Tor proxy diverting ransomware payments to their own Bitcoin wallets.
Proofpoint researchers detail the trends and changes in the threat landscape over the last quarter of 2017.