Tag Archives: Mimecast

Mimecast to Demonstrate Cyber Resilience for Email at GISEC

Mimecast to address growing instances of targeted threats, such as impersonation attacks, with the introduction of new product features


Healthcare is a Major Target for Cybercriminals

By Brandon Bekker, Managing Director at Mimecast, Africa and the Middle East


Cybercriminals Switching to Impersonation Attacks to Bypass Email Security Systems

Mimecast ESRA Report Shows Sharp Rise in Impersonation Attacks


New Wave of Cyberattacks

COMMENT on the “Bad Rabbit” ransomware attack by Steven Malone, Director of Security Product Management, Mimecast


Mimecast to Present the Latest Email-borne Cyber Attacks at GITEX

Brandon Bekker, Managing Director at Mimecast MEA.


2017, THE YEAR WHEN CYBERCRIME HIT CLOSE TO HOME

Major law enforcement successes despite an increasingly professionalised cybercrime landscape

The past 12 months have seen a number of unprecedented cyber-attacks in terms of their global scale, impact and rate of spread. Already causing widespread public concern, these attacks only represent a small sample of the wide array of cyber threats we now face. Europol’s 2017 Internet Organised Crime Threat Assessment (IOCTA) identifies the main cybercrime threats and provides key recommendations to address the challenges.


ROPEMAKER: Email Security Weakness – Vulnerability or Application Misuse?

Blog by Matthew Gardiner, Senior Product Marketing Manager, Mimecast

Most people live under the assumption that email is immutable once delivered, like a physical letter. A new email exploit, dubbed ROPEMAKER by Mimecast’s research team, turns that assumption on its head, undermining the security and non-repudiation of email, even for those who use S/MIME or PGP for signing. Using the ROPEMAKER exploit, a malicious actor can change the displayed content in an email at will. For example, a malicious actor could swap a benign URL with a malicious one in an email already delivered to your inbox, turn simple text into a malicious URL, or edit any text in the body of an email whenever they want. All of this can be done without direct access to the inbox.

As described in more detail in a recently published security advisory, Mimecast has been able to add a defense against this exploit for our customers and also provides security recommendations that non-customers can consider to safeguard their email from this exploit.

So what is ROPEMAKER?

The origin of ROPEMAKER lies at the intersection of email and Web technologies, more specifically Cascading Style Sheets (CSS) used with HTML. While the use of these Web technologies has made email more visually attractive and dynamic relative to its purely text-based predecessor, this has also introduced an exploitable attack vector for email.

Clearly, giving attackers remote control over any aspect of one’s applications or infrastructure is a bad thing. As is described in more depth in the ROPEMAKER Security Advisory, this remote-control-ability could enable bad actors to direct unwitting users to malicious Web sites or cause other harmful consequences using a technique that could bypass common security controls and fool even the most security-savvy users. ROPEMAKER could be leveraged in ways that are limited only by the creativity of the threat actors, which, experience tells us, is often unlimited.

To date, Mimecast has not seen ROPEMAKER exploited in the wild.  We have, however, shown it to work on most popular email clients and online email services.  Given that Mimecast currently serves more than 27K organizations and relays billions of emails monthly, if these types of exploits were being widely used it is very likely that Mimecast would see them.  However, this is no guarantee that cybercriminals aren’t currently taking advantage of ROPEMAKER in very targeted attacks.

For details on email clients that we tested that are and are not exploitable by ROPEMAKER and the specifics on a security setting recommended by Apple for Apple Mail, please see the ROPEMAKER Security Advisory.

Is ROPEMAKER a software vulnerability, a form of potential application abuse/exploit, or a fundamental design flaw resulting from the intersection of Web technologies and email?  Does it really matter which it is? For sure attackers don’t care why a system can be exploited, only that it can be. If you agree that the potential of an email being changeable post-delivery under the control of a malicious actor increases the probability of a successful email-borne attack, the issue simplifies itself.  Experience tells us that cybercriminals are always looking for the next email attack technique to use.  As an industry let’s work together to reduce the likelihood that the ROPEMAKER style of exploits gains any traction with cybercriminals!

Want to learn more? Download the full ROPEMAKER security advisory.


Mimecast Report: Nearly a quarter of ‘unsafe’ emails getting through to user inboxes

Dubai, UAE, July 30, 2017 – Mimecast Limited (NASDAQ: MIME), a leading email and data security company, today announced the results of its third quarterly Email Security Risk Assessment (ESRA), a report of the results of tests which measure the effectiveness of incumbent email security systems. This quarter’s assessment noted a continued challenge of securing organizations from malicious attachments, dangerous file types, impersonation attacks, as well as spam – with nearly a quarter of “unsafe” email being delivered to users’ inboxes. Among the email security services assessed, the tests found that using Mimecast in conjunction with prominent cloud-based email service providers, including Google G Suite and Microsoft Office 365, would substantially improve results by blocking thousands more email-borne attacks. The report indicates the need for organizations to enhance their cyber resilience strategies for email with a multi-layered approach that includes a third-party security service provider.


Ransomware outbreak comment from Mimecast

Steven Malone, director of security product management at Mimecast, commented:


WANNACRYPT RANSOMWARE – AN ACTION PLAN TO IMPROVE YOUR CYBER RESILIENCE DEFENSES


Cybersecurity needs to be on every organization’s agenda for 2017
