Threat Insight

Cybersecurity research and commentary on malware, user actions, and other threats to information security
January 12, 2018

Holiday lull? Not so much

Proofpoint Staff

Proofpoint researchers compare holiday campaigns in 2016 and 2017 and find that this season did not follow the expected pattern of a holiday break for major threat actors.

December 19, 2017

North Korea Bitten by Bitcoin Bug: Financially motivated campaigns reveal new dimension of the Lazarus Group

Darien Huss

Proofpoint researchers detail how APT actors are using cryptocurrency lures to drop backdoors and go after targets with potential interests in Bitcoin as well as point-of-sale infrastructure.

December 14, 2017

Zeus Panda Banking Trojan Targets Online Holiday Shoppers

Proofpoint Staff

Proofpoint researchers detail the use of a well-known banking Trojan to target online holiday shoppers in the UK and Canada.

December 05, 2017

Cybersecurity Predictions for 2018

Proofpoint Staff

Proofpoint researchers look at recent trends to predict ways in which the threat landscape will evolve in 2018.

November 29, 2017

Dialing for dollars - Coinminers appearing as malware components, standalone threats across the web

Proofpoint Staff

Although the first Bitcoin was mined in 2009, the value of the “cryptocurrency” and new alternatives like Litecoin and Monero have risen dramatically in recent months.

November 03, 2017

Credential phishing and an Android banking Trojan combine in Austrian mobile attacks

Proofpoint Staff

Proofpoint researchers describe a campaign targeting German-speaking regions in which credential phishing leads to an Android banking Trojan and concludes with an additional phishing scheme executed by the banking Trojan itself.

November 01, 2017

Threat Actor Profile: KovCoreG, The Kovter Saga


Proofpoint researchers detail the history of the threat actor known as the “KovCoreG Gang” and the evolution of the malicious tools they use across a variety of campaigns.

October 25, 2017

Back to the future: Threat actors dust off old tools for new tricks in the Q3 Threat Report

Proofpoint Staff

Proofpoint researchers detail the trends and notable events from the third quarter of 2017.

October 19, 2017

APT28 racing to exploit CVE-2017-11292 Flash vulnerability before patches are deployed

Kafeine, Pierre T

Proofpoint researchers discover one of the first in-the-wild use of the Flash vulnerability CVE-2017-11292 in malicious document attacks by APT28.

October 16, 2017

Leviathan: Espionage actor spearphishes maritime and defense targets

Axel F, Pierre T

Proofpoint researchers track an actor and their attacks on targets with potential military and government interests.