Security provider Cyren goes into liquidation – NoSpamProxy and several other vendors affected

[German]Information for users who use security features of the provider Cyren (e.g. NoSpamProxy). The provider Cyren is in economic difficulties and will probably be liquidated – the relevant services will be discontinued. The provider NoSpamProxy has already reacted and plans to release an adapted version 14.0.5. It is possible that other products (e.g. SecurePoint's UTM, see reader comment), which are based on Cyren's security functions, are also affected.

A readers note

German blog reader Cedric F. alerted me to the issue in a private message (thanks for that). Cedric wrote:

Hi Günter,

I got a mail from NoSpamProxy the days that the company Cyren is in financial trouble and should/will go into liquidation.

Complementary to this I also found an article describing this. Maybe interesting for some who still use services from Cyren.

Greetings

Cedric

Information from NoSpamProxy

The mail from NoSpamProxy contains the following information.

We inform you here about the current changes and improvements in NoSpamProxy to ensure the usual detection quality and our recommendation how you can benefit from these news as soon as possible.

As already announced on 03.02.2023, the Cyren services that NoSpamProxy uses will soon be unavailable due to economic difficulties of the provider.

In week 11 we will release a customized version 14.0.5 of NoSpamProxy Server. This version will no longer include Cyren components, as they have been replaced by the new "Core Antispam Engine". This engine replaces the previous filters "Cyren AntiSpam" and "Cyren IP Reputation".

Furthermore, the "Malware Scanner Action" has been adapted so that the "Cyren AntiVirus Service" has been exchanged for the "Integrated Malware Scanner". Both components are supplied by an established partner with excellent detection quality. In the properties of the SURBL filter, the corresponding entry for Cyren has also been removed.

NoSpamProxy has published some information in its blog in an update dated February 24, 2023:

In the past few days, we have once again improved our cloud-based metadata service "32Guards" so that the checking of URLs is now primarily carried out by 32Guards. This change is already active and can be used by all customers who have NoSpamProxy 14 in use. Customers who are still using NoSpamProxy in version 13.2 can also use 32Guards from now on without having to register for it. The corresponding action is called "Project Heimdall" in this version and only needs to be activated in the corresponding rules.

Our recommendations:

• Our recommendations, which we published at the beginning of February, still apply.
• Users of NoSpamProxy Protection who use older versions should update to version 14 in the short term and ensure that 32Guards is active both as an action and as a filter.
• Activate the file-based virus scanner in the Malware Scanner action (if not already done) and check the local virus scanner (Microsoft Defender or similar) for up-to-dateness.
• The Cyren services are still functional and should remain included in the rules. Only when the connections to Cyren no longer work should you deactivate the Cyren-based filters and actions.
• We recommend that customers who use the sandbox functionality no longer do so, and that they deactivate the sandbox in the content filter.

Other vendors/products affected

Addendum: After publishing the German article, many users has send feedback (also on Facebook and via mail). A reader wrote via email:

Good morning Mr. Born,

I have just stumbled across your report on Cyren – perhaps adding to it: In Germany, the business was handled by the former subsidiary Eleven, which also owns some of the products used by Cyren.

All a bit more complicated, but well summarized here. [unfortunately in German]

Here is a (non-exhaustive) list, derived from reader feedback, of other providers or products that have accessed Cyren's services.

• Securepoint UTM, see Neue UTM-Version bringt wichtige neue Dienste
•  Lancom UF, see OEM-Partner für Content-Filtering- und Anti-Spam-Services der Unified Firewalls insolvent
• Sonicwall
• Sophos UTM
• MDaemon (Alt-N)
• SecurityGateway (Alt-N)
• Zyxel
• Draytek
• GFI
• eXpurgate.Cloud (formerly Cyren Email Security), eXpurgate.Cloud, eXpurgate (see this FAQ from eleven)

If you know of other products, please leave a comment.

Information about Cyren

Cyren Inc is a cloud-based Internet security technology company that provides security as a service and threat intelligence services to enterprises. As of February 1, 2023, the publicly traded company has issued a mandatory announcement. According to the statement, the company is facing financial difficulties and is laying off a large number of its employees. The Cyren services that contribute to NoSpamProxy Protection's spam and virus detection are affected.

The article Cybersecurity Firm Cyren To Pursue Liquidation mentioned by Cedric has some more details. The email security and threat detection provider has initiated liquidation proceedings due to its failure to "raise additional sources of liquidity or to complete a sale to continue as a going concern." Cyren's board of directors has now "approved a plan to cease operations and initiate bankruptcy proceedings for the company and liquidate its wholly owned subsidiaries," the company writes in the following press release.

Cyren Announces Liquidation

MCLEAN, VA / ACCESSWIRE / February 22, 2023 / Cyren (NASDAQ:CYRN), a provider of email inbox security and threat detection solutions, today announced that, in response to its inability to secure additional sources of liquidity or consummate a going concern sale, as previously disclosed, the Board of Directors of the Company approved a plan to cease operations and commence insolvency proceedings for the Company and to liquidate its wholly-owned subsidiaries under applicable insolvency and other laws.

The Company intends to commence a voluntary bankruptcy proceeding in Israel by filing an insolvency application with the Tel Aviv District Court. The Company also approved (i) its US subsidiary, Cyren, Inc. commencing a general assignment for the benefit of creditors and (ii) the commencement of liquidation proceedings by its subsidiaries in the United Kingdom, Germany and Iceland in accordance with the applicable laws of those jurisdictions.

The Company has notified Nasdaq of the foregoing and expects that its ordinary shares will cease trading on Nasdaq upon such date that Nasdaq determines, and that Nasdaq will subsequently file a Form 25 with the United States Securities and Exchange Commission (the "SEC") to delist the Company's ordinary shares. The Company expects to cease reporting as a public reporting company.

The Company cautions that trading in its ordinary shares is highly speculative and poses substantial risks. Trading prices may bear little or no relationship to the actual recovery, if any, by holders of the Company's securities.

Cautionary Statements Regarding Forward-Looking Information

Certain statements in this communication constitute "forward-looking statements" within the meaning of the federal securities laws. These statements are based on management's current opinions, expectations, beliefs, plans, objectives, assumptions or projections regarding future events or future results. These forward-looking statements are only predictions, not historical fact, and involve certain risks and uncertainties, as well as assumptions. Actual results, levels of activity, performance, achievements and events could differ materially from those stated, anticipated or implied by such forward-looking statements. While the Company believes that its assumptions are reasonable, it is very difficult to predict the impact of known factors, and, of course, it is impossible to anticipate all factors that could affect actual results. There are many risks and uncertainties that could cause actual results to differ materially from forward-looking statements made herein including the risks discussed under the heading "Risk Factors" in the Company's Annual Report on Form 10-K for the year ended December 31, 2021 and the Company's Quarterly Report on Form 10-Q for the fiscal quarter ended September 30, 2022 filed with the SEC, as well as other factors described from time to time in the Company's filings with the SEC. Such forward-looking statements are made only as of the date of this communication. The Company undertakes no obligation to publicly update or revise any forward-looking statement because of new information, future events or otherwise, except as otherwise required by law. If it does update one or more forward-looking statements, no inference should be made that the Company will make additional updates with respect to those or other forward-looking statements.