Summit to be followed by week of SANS cyber security training delivered by industry-leading experts
By Doros Hadjizenonos, Regional Director – SADC at Fortinet
The latest research from global IT security training company SANS Institute demonstrates that among 14-18-year-olds across seven countries in the Middle East and Europe, the choice of IT (including cyber security) as a career is highest in Saudi Arabia and the UAE (47% and 46% respectively). Of those students who are interested in a career in IT, 49% were specifically interested in cyber security across the EMEA sample of students, with Saudi Arabia and UAE leading the pack at 63% and 58% respectively.
Study Reveals Privileged Credential Abuse is Involved in 74 Percent of Data Breaches, Yet Over Half of Organizations are Not Taking Basic Steps to Prevent It
Tenable®, Inc., the Cyber Exposure company, today announced that the company more than doubled its Cyber Exposure Ecosystem throughout 2018, including 43 new or enhanced technology integrations and 20 new integration partners. The ecosystem now supports a total of 50 integrations and 39 technology partners.
SANS Institute, which is known as the global leader in cybersecurity training, has announced its next immersion-style cybersecurity training program in Dubai. SANS Dubai 2019 will be held at the Hilton Dubai Jumeirah Beach from January 26 to 30, 2019. It will feature 3 of SANS’ best-performing cybersecurity classes. These classes will help participants develop the skills to defend their organizations against security breaches.
by Brian Pinnock, cyber security specialist at Mimecast
Digital transformation set to shift from theory to reality in the next 12 months, claims Dimension Data in the new report focusing on customer experience, cybersecurity, digital and technology futures
Mimecast Releases Latest Report from Cyber Resilience Think Tank
Group marks new ‘Independence Day’ by completing investment transaction with Permira, maintaining its undiluted business approach and aggressive growth trajectory
Scott Manson, Cybersecurity Lead – Middle East and Africa, Cisco
By Alastair Paterson, CEO and Co-Founder, Digital Shadows
Blog by Matthew Gardiner, Senior Product Marketing Manager, Mimecast
Most people live under the assumption that email is immutable once delivered, like a physical letter. A new email exploit, dubbed ROPEMAKER by Mimecast’s research team, turns that assumption on its head, undermining the security and non-repudiation of email, even for those who use S/MIME or PGP for signing. Using the ROPEMAKER exploit, a malicious actor can change the displayed content in an email at will. For example, a malicious actor could swap a benign URL with a malicious one in an email already delivered to your inbox, turn simple text into a malicious URL, or edit any text in the body of an email whenever they want. All of this can be done without direct access to the inbox.
As described in more detail in a recently published security advisory, Mimecast has been able to add a defense against this exploit for our customers and also provide security recommendations that non-customers can consider to safeguard their email from this exploit.
So what is ROPEMAKER?
The origin of ROPEMAKER lies at the intersection of email and Web technologies, more specifically Cascading Style Sheets (CSS) used with HTML. While the use of these Web technologies has made email more visually attractive and dynamic relative to its purely text-based predecessor, this has also introduced an exploitable attack vector for email.
Clearly, giving attackers remote control over any aspect of one’s applications or infrastructure is a bad thing. As is described in more depth in the ROPEMAKER Security Advisory, this remote-control-ability could enable bad actors to direct unwitting users to malicious Web sites or cause other harmful consequences using a technique that could bypass common security controls and fool even the most security-savvy users. ROPEMAKER could be leveraged in ways that are limited only by the creativity of the threat actors, which, experience tells us, is often unlimited.
To date, Mimecast has not seen ROPEMAKER exploited in the wild. We have, however, shown it to work on most popular email clients and online email services. Given that Mimecast currently serves more than 27K organizations and relays billions of emails monthly, if these types of exploits were being widely used it is very likely that Mimecast would see them. However, this is no guarantee that cybercriminals aren’t currently taking advantage of ROPEMAKER in very targeted attacks.
For details on email clients that we tested that are and are not exploitable by ROPEMAKER and the specifics on a security setting recommended by Apple for Apple Mail, please see the ROPEMAKER Security Advisory.
Is ROPEMAKER a software vulnerability, a form of potential application abuse/exploit, or a fundamental design flaw resulting from the intersection of Web technologies and email? Does it really matter which it is? For sure attackers don’t care why a system can be exploited, only that it can be. If you agree that the potential of an email being changeable post-delivery under the control of a malicious actor increases the probability of a successful email-borne attack, the issue simplifies itself. Experience tells us that cybercriminals are always looking for the next email attack technique to use. As an industry let’s work together to reduce the likelihood that the ROPEMAKER style of exploits gains any traction with cybercriminals!
Want to learn more? Download the full ROPEMAKER security advisory.
With cyber threats evolving and threatening to affect organizations’ day-to-day activities, the cost of implementing IT security solutions has significantly increased from “US$75.4 billion in 2015 and expected to reach US$101 billion in 2018 (Gartner) and US$170 billion by 2020 globally, while the Middle East Cybersecurity market is expected to reach around US$10 billion by 2019, double the US$5 billion it was worth in 2014”.