Security, Web Security

Shift to Remote Working Makes Web Security Gateways Vital

As pandemic-spurred remote working becomes a permanent arrangement for many organizations, cloud-based web security gateways help to safeguard a distributed workforce and enforce compliance.   Key Points: Although increases in remote working we…

Lesen Sie mehr dazu
Archiving, Data Protection

Ready or Not, Here Comes California’s Data Privacy Law

Businesses worldwide face a July 1 deadline to comply with the California Consumer Privacy Act (CCPA). If your organization isn’t ready, now is the time to start. Key Points: On July 1, California begins to enforce the strictest data privacy l…

Lesen Sie mehr dazu
Security, Web Security

Security’s “New Normal”: Remote Working Supercharges the Shift to Cloud Security

451 Research analyst Scott Crawford describes how IT organizations will increasingly leverage cloud security to safeguard more widely distributed people, assets, and networks. Key Points: The long-term increase in remote working and the growth in co…

Lesen Sie mehr dazu
Email Security, Data Protection, Office-365

Critical IT Continuity Planning for a Secure Microsoft 365 National Health Service

As the UK’s National Health Service embraces Microsoft 365 security and productivity services, there are lessons from WannaCry and Exchange Online downtime for protecting critical national infrastructure. In a time when effective healthcare has…

Lesen Sie mehr dazu
Archiving, Data Protection

Get Ready to Play Offense On E-Discovery

The cost and disruption of e-discovery—particularly email discovery—are spiraling up. Play offense on e-discovery to manage those fire drills instead of letting them manage you. Key Points: IT departments are constantly forced to react t…

Lesen Sie mehr dazu
Security, Email Security

Why Email Security Never Seems to Improve, and What You Can Do About It

While security organizations spend billions per year to improve email security, the problem seems to be getting worse faster than it is getting better. Learn about the 7 main reasons this is the case and what you can do to improve your organization&r…

Lesen Sie mehr dazu
Security, Email Security

Why DMARC is Essential for Online Brand Protection

DMARC helps stop bad actors delivering malicious emails that appear to come from your brand’s domain. It helps ensure every email received by your brand’s customers, employees, or anyone else, is authentic. Key Points: Email is as vulner…

Lesen Sie mehr dazu
Awareness Training

Mimecast Voices: Jennifer Odogwu

Editor's note: This is the first in a series of profiles featuring Mimecasters sharing their personal experiences with, and perspectives on prejudice and marginalization, and what actions people can take to better support their colleagues in this era…

Lesen Sie mehr dazu
Email Security, Threat Intelligence Hub

Ransomware Attack Leaves Honda Stuck in "Park"

A large-scale ransomware attack on Honda Motor Co. halts manufacturing operations, highlighting the need to better protect business critical systems. Key Points Honda announced a ransomware attack crippled operations in multiple countries, causing …

Lesen Sie mehr dazu
Security, Threat Intelligence Hub

Ransomware Returns With A New Twist: Pay Up or We’ll Publish

Ransomware attacks have become larger and more sophisticated—and hackers are increasingly stealing sensitive information and threatening to publish it unless the ransom is paid. Key Points: More ransomware attacks are stealing sensitive inform…

Lesen Sie mehr dazu
Security, Email Security

Companies Wake Up to The Value of DMARC for Online Brand Protection

Backed by DMARC and State of Email Security 2020 data, soaring uptake of DMARC worldwide suggests that organizations are recognizing the value of the standard to combat brand impersonation in phishing emails. Key Points: The number of domains using …

Lesen Sie mehr dazu
Security, Coronavirus

The Impact of COVID-19 on Cyber Security Insurance

Cyber threats are surging as employees work from home due to the COVID-19 pandemic, prompting cybersecurity insurers to reassess companies’ security measures—and potentially raise premiums. Key Points: Rising threats and an increase in r…

Lesen Sie mehr dazu
Security, Email Security

Why Cybersecurity Never Seems to Improve, and What You Can Do About It

Security defenses are improving, but cybercriminals move faster than defenders, and the attack surface seems broader than ever. There are five reasons why enterprise security is so challenging. Why does it seem that the security profession is continu…

Lesen Sie mehr dazu
Continuity, Data Protection

Are You Overlooking Email Business Continuity in Your Cloud Migration?

It’s easy to take email continuity for granted, especially when using a cloud-based service. But an outage can undermine productivity and security. Here are some tips for maintaining email business continuity. Key Points: When an email system …

Lesen Sie mehr dazu
Continuity, Data Protection

Cloud Productivity Platform Security: Re-imagining Your IT Resilience Strategy for a Post-Pandemic Society

Cloud productivity suites are booming in the Covid-19 era while cybercriminals continue to adapt to the new attack surface. Here’s a resilience mindset view on how to securely manage the risks of moving the cloud. Amid the tumult of 2020, there…

Lesen Sie mehr dazu
Security, Email Security

Understanding Online Brand Exploitation and Its Consequences

Online brand exploitation is a very real—and complex—cybersecurity issue. A multi-faceted online brand protection strategy can help brands protect themselves and their customers. Key Points: Brand exploitation is a highly complex—a…

Lesen Sie mehr dazu
Awareness Training

Creative Hiring Can Help Solve the Cybersecurity Skills Shortage

Hiring people from non-traditional backgrounds may help you solve the chronic shortage of cybersecurity skills, while bringing in fresh perspectives that can enhance cyber resilience. Key Points: A more creative approach to hiring can help address t…

Lesen Sie mehr dazu
E-Mail-Sicherheit

Want Cyber Resilience? Integrate Email Security into Your SIEM

Integrating email security data with Security Information and Event Management (SIEM) systems can help organizations respond faster to attacks and increase cyber resilience. Key Points: Email is an excellent early warning system for cyberattacks, be…

Lesen Sie mehr dazu
E-Mail-Sicherheit

Defense in Depth for Microsoft 365

Microsoft Office 365 has some good email security features, but also some significant vulnerabilities. A defense in depth strategy can compensate for these weaknesses, and create a more secure email environment. Key Points: Microsoft offers several …

Lesen Sie mehr dazu
E-Mail-Sicherheit

Credential Theft via Email Phishing: Its Rise, Risks, and Solutions

Credential theft is rampant and dangerous—but you can protect your organization and users by taking steps to stop email phishing attacks and password reuse. Key Points: Credential theft continues at extremely high levels as malicious actors ta…

Lesen Sie mehr dazu
E-Mail-Sicherheit

Making Sure Your Third-Party Email Services use DMARC

Third-party email services help businesses conduct essential communications. They may also open the door for malicious email impersonation attempts.   Key Points: Many organizations use valuable third-party services to regularly communicate wit…

Lesen Sie mehr dazu
Threat Intelligence Hub

Shoring Up Brand Protections in the Age of Domain Spoofing

Cybercriminals leverage the trust and digital reputations that online brands have fostered to further their malicious email spoofing and domain spoofing activities. Which are the most impersonated brands on the internet? While the answer varies a bit…

Lesen Sie mehr dazu
E-Mail-Sicherheit

Why Government Organizations Need DMARC

Cybercriminals often spoof government email addresses. Enforcing DMARC can help governments protect citizens—and workers—from malicious email impersonation attempts. Key Points: Governments increasingly rely on email to communicate with …

Lesen Sie mehr dazu
Threat Intelligence Hub, Coronavirus

Threat Intelligence Briefing: Attackers Target Employees Returning to Work—and Increasingly Turn to Non-Traditional Attack Vectors

Key Points: Attackers are shifting focus to target employees returning to work. Non-traditional attack vectors, including vishing and deepfake audio, are on the rise. Mimecast detected a spike in attacks on healthcare organizations, with malicious …

Lesen Sie mehr dazu
E-Mail-Sicherheit

Sharing Threat Intelligence Among Best-of-Breed Security Tools

Cybersecurity tools need to share threat intelligence, using open Application Programming Interfaces (APIs), to effectively defend against cyberattacks.  Key Points: Even the best security tools cannot adequately defend the organization when th…

Lesen Sie mehr dazu
E-Mail-Sicherheit

The Growing Risk of Gift Card Scams

Business email compromise (BEC) scams that involve gift cards usually aren’t very sophisticated—but employees often still fall for them. Key Points: Gift card scams are a growing form of business email compromise attack that thieves use …

Lesen Sie mehr dazu
Threat Intelligence Hub

New Threat Intelligence Report: 100 Days of Coronavirus

The global spread of COVID-19 has created many new opportunities for threat actors since the novel coronavirus began gathering widespread attention at the end of 2019. To provide a clear picture of how malicious actors are exploiting those opportunit…

Lesen Sie mehr dazu
Threat Intelligence Hub, Coronavirus

Be Aware: Tax Scam Season in the U.S. is Extended This Year

Tax scams appear every spring—but the threats will persist longer this year because the U.S. filing deadline has been extended to July 15, 2020. Key Points: Because tax filing deadlines have been pushed back this year due to the COVID-19 pande…

Lesen Sie mehr dazu
E-Mail-Sicherheit

Business Email Compromise (BEC) Attacks: The Top Cause of Payment Fraud

Business email compromise was the #1 source of payment fraud attempts on U.S. organizations in 2019, according to the Association for Financial Professionals. Key Points: 75% of organizations suffered business email compromise (BEC) attacks last yea…

Lesen Sie mehr dazu
Data Protection, Coronavirus

Business Continuity in the Age of Novel Coronavirus

Q&A with business continuity expert Ross Jackson, VP, Organizational Resilience, for Mimecast: what’s working well, what’s weak, what’s coming, what needs a rethink. Key Points: Large companies with mature business continuity p…

Lesen Sie mehr dazu
Threat Intelligence Hub, Coronavirus

Threat Intelligence: Awareness Training Reduces Unsafe Clicks Amid Coronavirus Cyber Threats

New data demonstrates the power of security awareness training in helping to prevent unsafe behavior. Employees that don’t use awareness training are 5.2x more likely to click on bad links. Key points: Consider refreshing security awareness t…

Lesen Sie mehr dazu
Security, Awareness Training

Managing Cyber Risk: Shore Up Your Weakest Link with Awareness Training!

No matter how awesome your cyber risk management program is, it can all go to hell in a single click without equally great employee awareness training. Key Points: Clicking bad links and opening infected attachments causes breaches. A combination of…

Lesen Sie mehr dazu
Threat Intelligence Hub, Coronavirus

Organisationen des Gesundheitswesens von Lösegeldforderung im Kontext des Coronavirus betroffen

Healthcare providers on the front line of the COVID-19 pandemic now also face the threat of catastrophic ransomware attacks delivered via coronavirus-themed emails. Key Points: Hospitals and other medical providers are facing a growing volume of ran…

Lesen Sie mehr dazu
Threat Intelligence Hub, Coronavirus

Threat Intelligence Briefing: Surging Spam and Impersonation Attacks Drive Increasing Coronavirus Cyber Threats

Spam and impersonation attacks have surged to the top of the list of cyberattack vectors driving a significant increase in overall malicious activity and unsafe user behavior, based on Mimecast’s analysis of cyberthreats during the first 100 da…

Lesen Sie mehr dazu
coronavirus

The Mental Risks of Working and Learning in Isolation

Technology enables remote work while social distancing. A UK National Health Service (NHS) psychiatrist discusses how technology is redefining her work, people’s lives, and the risks we all face. Key Points: Mental health specialists are emplo…

Lesen Sie mehr dazu
Security, Coronavirus

Enhancing VPNs for Secure Remote Work During the Coronavirus Pandemic

To support an increase in remote working due to COVID-19, it may be necessary to scale up your VPN services and take extra steps to ensure all employees have secure network access. Key Points: For many organizations, the dramatic increase in remote …

Lesen Sie mehr dazu
Threat Intelligence Hub

Emotet-as-a-Service: A Serious New Cyber Threat

Highly sophisticated cyber criminals are hosting Emotet services, letting far less competent attackers distribute their malware with this powerful tool. Key Points: Malware-as-a-service (MaaS) has emerged as a highly efficient way to distribute mali…

Lesen Sie mehr dazu
Threat Intelligence Hub, Coronavirus

Threat Intelligence Briefing: Increasingly Sophisticated Coronavirus Cyberattacks Exploit Lapses in User Awareness

We’re continuing to observe an extraordinary level of coronavirus-related malicious cyber activity exploiting employees’ confusion and fear, with increasingly sophisticated and targeted attacks contributing to a rise in unsafe user behavi…

Lesen Sie mehr dazu
Security, Email Security, Coronavirus

Coronavirus Response Disrupts Healthcare Data Privacy and HIPAA Compliance

Healthcare data privacy and security are moving targets amid the coronavirus response, as telehealth use skyrockets and governments relax health privacy and data protection rules. Key Points: The coronavirus pandemic has catalyzed at least three maj…

Lesen Sie mehr dazu
coronavirus

Why Today’s Remote Workforce May Be Permanent

Malcolm Harkins is a member of the Cyber Resilience Think Tank, and a guest writer for Cyber Resilience Insights.  The changes to work – not just your new home office, but also the constant contraction/expansion of the economy –…

Lesen Sie mehr dazu
Security, Email Security, Coronavirus

Multi-Faktor-Authentifizierung für eine stärkere E-Mail-Sicherheit bei zunehmenden Phishing-Angriffen

Multi-factor authentication can play an important role in keeping remote workers—and your corporate network—secure during the COVID-19 crisis, if you let it. Key Points: As employees go home to work by the millions, bad actors see a huge…

Lesen Sie mehr dazu
Security, Threat Intelligence Hub, Coronavirus

Threat Intelligence Briefing: Skyrocketing Coronavirus Cyber Attacks

We’re continuing to see an unprecedented level of malicious activity as the COVID-19 pandemic unfolds, with threat actors shifting their focus to prey on the latest evolving anxieties of people who are working at home or self-isolating due to h…

Lesen Sie mehr dazu
Security, Email Security

Beyond OSI Layer 7: Carbon-based Vulnerability and Business Risk

Sam Curry is a member of the Cyber Resilience Think Tank, and a guest writer for Cyber Resilience Insights.  The Open Systems Interconnection model (OSI) for computer communications has roots in the 70s and early 80s and uses a 7-layer ab…

Lesen Sie mehr dazu
Security, Threat Intelligence Hub

Microsoft Excel Encryption Vulnerability Paves the Way for Malware

Editor’s note: Thanks to Mimecast Threat Center’s Doron Attias and Tal Dery for this discovery. Microsoft Excel’s standard file encryption capabilities can be used to obfuscate and deliver malware. Mimecast Threat Center researchers…

Lesen Sie mehr dazu
Security, Coronavirus

When Chaotic Systems Collide: The Dance Between Biology and Cybersecurity

Sam Curry is a member of the Cyber Resilience Think Tank, and a guest writer for Cyber Resilience Insights.  Author Yuval Noah Harrari in Sapiens highlights an important distinction between types of chaotic systems: first order systems can be ex…

Lesen Sie mehr dazu
Security, Email Security, Threat Intelligence Hub, Coronavirus

Coronavirus Phishing Attacks Speed Up Across the Globe

Unsafe clicks from COVID-19-themed email phishing attacks nearly double in recent weeks; Mimecast blocks up to 5,000 URLs related to the Coronavirus a day—37x what we blocked in January. Security professionals in organizations attempting to per…

Lesen Sie mehr dazu
Security, Email Security, Coronavirus

Threat Intelligence Briefing: Gefährliche Keywords bei Coronavirus-Phishing-Angriffen

Coronavirus Phishing Attacks and Domain Registrations Increase Dramatically This week’s Global Cyber Threat Intelligence Weekly briefing was the first in an ongoing series of interactive web sessions from Mimecast with the mission of helping c…

Lesen Sie mehr dazu
Archiving, Data Protection, Coronavirus

Cloud Collaboration Tools Show Leadership in Business Continuity

After initial business continuity ‘hiccups,’ cloud collaboration tools bounce back with surprising resilience; they focus on core functions, letting peripheral functions lag. Key Points: Millions of new remote workers swarm onto cloud co…

Lesen Sie mehr dazu
Security, Email Security

Business E-Mail Compromise kostet US-Unternehmen 1,7 Mrd. USD

The FBI says business email compromise is now the biggest cause of cybercrime financial losses for U.S. organizations. But ransomware attacks are also on the rise again.  Key Points: &n…

Lesen Sie mehr dazu
Security, Threat Intelligence Hub, Coronavirus

Beware of Quickly-Evolving Coronavirus Email Phishing Attacks

Cyber criminals continually morph COVID-19 phishing scams to exploit what people are most anxious about at any given moment. Key Points: As every organization you’ve ever touched emails to let you know their coronavirus plans, email phishers a…

Lesen Sie mehr dazu
coronavirus

Coronavirus im Kontext von Cybersicherheit: So können Sie sich vorbereiten

To help prevent the spread of COVID-19 and help keep our communities safe throughout the globe, last week Mimecast suspended all cross-border travel, limited domestic travel and advised employees to postpone events with 15 or more people. At tha…

Lesen Sie mehr dazu
coronavirus

10 Schritte zur Aufrechterhaltung der Web-Sicherheit im Home Office

Governments across the globe have put extreme measures in place to limit the spread of coronavirus, prohibiting large public gatherings, closing schools and day care facilities, and encouraging “social distancing” to keep new coronavirus…

Lesen Sie mehr dazu
Awareness Training, Threat Intelligence Hub, Coronavirus

Cyber Awareness: Top 3 Steps to Combat Cyber Disruption, Chaos and Profiteering

By now, COVID-19, or coronavirus, has likely dominated conversations and elicited new behavior at work, school, and home, given the rapid spread. But while we shift daily life and routines, the threat intelligence landscape is shifting as well: thre…

Lesen Sie mehr dazu
Security, Email Security, Coronavirus

Mimecast’s Preparedness and Response to Novel Coronavirus (COVID-19) Pandemic

Our hearts go out to everyone who has been affected by the COVID-19 virus in any way.  The health and safety of our employees, customers and partners and their families is one of our deepest concerns during this time. As the virus continues to s…

Lesen Sie mehr dazu
Security, Coronavirus

HIMSS: Ist das Coronavirus ein Hindernis oder eine Chance für die Sicherheit im Gesundheitswesen?

As many of you know last Thursday HIMSS announced it was “clearly necessary to cancel the 2020 HIMSS Global Health Conference & Exhibition following the many reports from the World Health Organization (WHO) and the Cent…

Lesen Sie mehr dazu
Threat Intelligence Hub

New Cyber Threat Intelligence Report Reveals the Rise of Emotet

The Mimecast Threat Center launched the Threat Intelligence Report: RSA Conference Edition today, finding a 145% increase in attack campaigns across the globe from October to December. Researchers believe the increase can be attributed to Emotet&rsq…

Lesen Sie mehr dazu
Sicherheit

How to Address Cybersecurity Vendor Acquisitions

How to Address Cybersecurity M&A in Your Security Environment The role of cybersecurity and the overall importance of ensuring CISOs have a seat at the table for the acquisition process in its entirety is well documented; the value of data and t…

Lesen Sie mehr dazu
Security, Threat Intelligence Hub

Microsoft führt Patch für Windows CryptoAPI / CVE-2020-0601 ein

In the first Patch Tuesday of 2020, Microsoft has released a new patch for a serious Windows vulnerability, CVE-2020-0601, or the Windows CryptoAPI Spoofing Vulnerability. The vulnerability has grave implications for machines running 32- or 64-bit W…

Lesen Sie mehr dazu
Security, Threat Intelligence Hub

Anstieg von Tax Identify Theft während der Hauptsaison für Steuererklärungen

With the 2020 tax season underway, cybersecurity analysts are seeing an increase in the number of impersonation attacks focused on stealing personal information through voice phishing, texts, and email. According to the Daily Mirror and other news s…

Lesen Sie mehr dazu
Security, Threat Intelligence Hub

Criminals Target American Infrastructure with Phishing and Malware

Enterprise networks throughout the United States are experiencing an escalation of phishing and malware attacks orchestrated by technologically advanced criminal groups around the world. With the intent of stealing data, profitin…

Lesen Sie mehr dazu
Security, Threat Intelligence Hub

Mimecast entdeckt MDB Leaker: Microsoft Access-Sicherheitsanfälligkeit CVE-2019-1463

The Security Implications of an Apparent Memory Leak in the Microsoft Access Database Editor’s note: Thanks to Mimecast Research Labs’ Ofir Shlomo and Tal Dery for this discovery. In January 2019, Mimecast Research Labs discovered and …

Lesen Sie mehr dazu
Sicherheit

4 Anforderungen zum Schutz Ihrer Marke vor Missbrauch

The increasingly digital global economy has created a “perfect storm” for cyber attackers. As our reliance on websites and email to interact with organizations has grown, so too has the opportunity for criminals who are increasingly prey…

Lesen Sie mehr dazu