Email Security

    Cybersecurity Trends: Our Most Read Blogs of 2019 Q2

    See what caught the eyes of Cyber Resilience Insights readers last quarter.

    by Joel Silverstein

    With the second quarter of 2019 in the books, we wanted to provide you a one-stop shop for the most-read new content we posted on Cyber Resilience Insights during that time. Below you'll find links and summaries for the 10 most-read blogs of the second quarter of 2019.

    Reminder: if you haven't subscribed to Cyber Resilience Insights yet, you're missing out on a weekly roundup of all our content. You can sign up here. It's as simple as typing in your email address and hitting "Subscribe Now." That's it. It'll be the easiest thing you do all day.

    Now, on to our quarterly top 10:

    Exploit Using Microsoft Excel Power Query for Remote DDE Execution Discovered - June 27

    The Mimecast Threat Center team discovered a technique to launch remote DDE attacks through a flaw in the Power Query feature of Microsoft Excel. Microsoft offered a workaround for the flaw, and customers with Mimecast Targeted Threat Protection - Attachment Protect are safe from this kind of attack. Ofir Shlomo took a technical deep-dive in this post.

    Obfuscated Fileless Malware in Cyberattackers' Toolkits: A Closer Look - June 4

    In this research from the Mimecast Threat Center team, Dor Zvi examined the increasingly-popular attack technique of fileless malware. Dor also discussed a novel type of fileless malware attack that had not previously been seen. 

    What is the Current State of Email Security Globally? - May 28

    Matthew Gardiner introduced Mimecast's third-annual State of Email Security report in this post from late May. In the post, he highlighted several of the report's key findings, including that 94% of organizations had experienced a phishing attack at some point in the previous 12 months from the survey.

    Real Examples of Threats Missed by Email Security Systems - June 5

    The 9th quarterly release of the Mimecast Email Risk Assessment report highlighted real-life examples of threats that other email security systems missed. Matthew Gardiner explored some of those threats, including impersonation and credential-stealing attacks against Microsoft Office 365 users.

    Insider Threat Protection: How Organizations Address the Inevitable - April 3

    Another one from Matthew Gardiner here, this time examining data from a TechValidate survey on Mimecast's Internal Email Protect service. The survey found that internally-generated email represents the majority of email traffic at most organizations, with 46% of respondents noting that 51%-75% of their overall email traffic is internally generated. 

    Survey Says: Ransomware is Still a Top Threat for Most Organizations - June 19

    In this post highlighting some of the 2019 State of Email Security report findings, Matthew Gardiner de-bunked some of the media discussions about how ransomware is no longer the serious threat to organizations it was a few years ago. In fact, the report cited a 27% increase in ransomware for organizations over the previous year.

    Is Dynamic Analysis Enough to Stop Evasive Malware Attacks? - May 15

    In advance of his appearance at the Infosecurity London conference, Meni Farjon took a look at several key questions security pros should ask: How exactly are attackers leveraging technologies and tools to evade dynamic analysis? How can you tackle evasive malware by using your existing controls? By understanding the pros and cons of the technology, pros would be able to better assess their existing layers of defense.

    Phishing for Selfies? New Scam Targets Chase Bank Customers - April 30

    A phishing scam targeting Chase Bank customers not only asked for victims’ personal information but also requested an uploaded selfie of them holding their ID or driver’s license. Crazy, right? This campaign, discovered by MalwareHunter Team, started with the scam’s landing page that looks like a legitimate Chase Bank login form.

    How Many IT Security Tools Do You Need? - June 11

    CISOs and security professionals have enough to deal with every day. The last thing they need is overload from having to manage too many security tools. Research shows that some enterprises have upwards of 75 different IT security tools in their environment. Marc French examines this issue and offers prescriptive advice on how to de-tangle these webs.

    The Rising Tide of Cyber Awareness in Today's Enterprise - June 12

    Here's another look at some of the data from the State of Email Security report, this time with a view into statistics and trends around awareness training. Michael Madon showed that while adoption continues to rise for awareness training globally, questions remain on methods and how it is actually being adopted.


    Subscribe to Cyber Resilience Insights for more articles like these

    Get all the latest news and cybersecurity industry analysis delivered right to your inbox

    Sign up successful

    Thank you for signing up to receive updates from our blog

    We will be in touch!

    Haut de la page