See what caught the eyes of Cyber Resilience Insights readers this quarter.
With the first quarter of 2019 drawing to a close, we wanted to provide you a one-stop shop for the most-read new content we've posted on Cyber Resilience Inights so far. Below you find links and summaries for the 10 most-read blogs of the first quarter of 2019.
We hope that you'll revisit content you have have come across already or find something new and insightful as you consider how best to navigate your cyber resilience journey.
We thank you for your readership and continued support as we turn the corner from winter into spring.
Reminder: if you haven't subscribed to Cyber Resilience Insights yet, you're missing out on a weekly roundup of all our content. You can sign up here. It's as simple as typing in your email address and hitting "Subscribe Now." That's it. It'll be the easiest thing you do all day.
Now, onto our quarterly top 10:
Boris Vaynberg took a look ahead in January to what he expected to be the big cybersecurity trends of the year. The four main ones he identified were phishing campaigns, memory-based exploits, cryptomining and Internet of Things (IoT) security. It will be interesting to look back at the end of 2019 on these areas.
Matthew Gardiner offered a summation of a significant finding in 2018 by the Mimecast Research Labs team that showed Microsoft Office files using ActiveX controls were causing memory leaks. Microsoft issued the above CVE number in response and patched the vulnerability.
The Mimecast Research Labs team returned in March with a detailed technical analysis of an exploit discovered as part of its research. Mimecast Chief Scientist for Advanced Threat Detection Meni Farjon went on a deep dive of the issue, which chains together a patched memory corruption issue in Word files with a vulnerability in the Object Linking and Embedding file format.
One more from our Research Labs team: In the run-up to this year’s Valentine’s Day, cybercriminals played on people’s emotions to entice them to click on malicious URLs and open malicious attachments. They did this using the GandCrab ransomware-as-a-service kit, and Josh Douglas provided a rundown of the details.
Our 8th Email Security Risk Assessment (ESRA) report was released at the beginning of March, and for the blog this time around, Matthew Gardiner focused on the results as they related to performance of the Microsoft Office 365™ email security service. You might be surprised at what the services misses.
Cyber Resilience Think Tank member Malcolm Harkins provided expert insight on what it takes for organizations to roll out programs related to cyber threat intelligence. He offered a four-part methodology any organization can follow to get started.
In the January edition of his blog series on helping non-technical people in an organization understand the importance of cyber resilience, our COO Ed Jennings examined how companies should evaluate their security vendors on an annual basis and make them earn your money.
What is cyber threat intelligence? It can't be just about subscribing to multiple data feeds and hoping for the best. In this post introducing the way Mimecast promises to approach threat intelligence, Josh Douglas argues for a more wholistic approach and using multiple tactics to achieve the goals set forth by threat intelligence.
This post from Marc French was the last in our eight-part series on how any organization can approach threat intelligence and roll out their own program. His big takeaways including: choosing feeds wisely, constantly checking your work, reporting on your success and sharing what you find.
Matthew Gardiner pulled the numbers from the December ESRA report to show that email security systems for healthcare organizations are lacking behind their peers at a time when attacks continue to rise.
Want more great articles like this?Subscribe to our blog.
Get all the latest news, tips and articles delivered right to your inbox
You will receive an email shortly