Sometimes, it doesn’t take much for a good scam: a good story, a little persuasion, then disappear again… and sometimes, the scammers come up with tactics that come straight out of the textbook.
Compass Security Blog
Offensive Defense
Ransomware focuses on encrypting data on a filesystem-level, either locally on infected client systems or remotely on accessible file servers. However, what if ransomware would start encrypting data on an application-level too?
Contents Introduction Attack Overview Step-by-Step Detection Email Clients Administration Tools Exchange Compliance Features MAPI Editor Eradication Microsoft Security Response Center Swiss Cyber Storm 2018 Conclusion References Introduction In recent investigations, Compass recognized a raise in popularity for attackers to compromise Microsoft Exchange credentials. As one of the first steps after having obtained the credentials (most […]
Introduction The number one form of communication in corporate environments is email. Alone in 2015, the number of business emails sent and received per day were estimated to be over 112 billion [1] and employees spend on average 13 hours per week in their email inbox [2]. Unfortunately, emails are at times also misused for illegitimate […]
Microsoft Exchange 2013, the newest product in the Exchange series, is more and more enrolled in enterprise environments. With the new and enhanced features, for example the integration of SharePoint or Lync, the new Exchange is a well-designed piece of software which in parallel addresses different security concerns. Like Lync 2013 and the whole Microsoft […]
© 2024 Compass Security Blog