“Funky malware format” found in Ocean Lotus sample

Recently, at the SAS conference I talked about “Funky malware formats”—atypical executable formats used by malware that are only loaded by proprietary loaders. Malware authors use them in order to make static detection more difficult, because custom formats are not recognized as executable by AV scanners. Using atypical formats may also slow down the analysis process because the … [Read more...]

Sea Turtle DNS Hijacking Campaign Utilizes At Least Seven Patched Vulnerabilities

The Sea Turtle campaign exploits seven patchable vulnerabilities dating from 2009 to 2018 to breach organizations and hijack their DNS name records. Background On April 17, researchers at Cisco’s Talos Intelligence Group published a blog entitled DNS Hijacking Abuses Trust In Core Internet Service. This blog provided additional details about a two-year attack campaign targeting a variety of … [Read more...]

Introducing MDaemon 19 – with Updates for Security, Reporting, & Webmail

This week, we released MDaemon 19, with new features that benefit administrators and end users. The following is a summary of key improvements. You can view the complete list of updates in the MDaemon release notes. New Features for Administrators One of the first things administrators will notice is that the behavior of the “Start MDaemon” Start menu shortcut has changed. When … [Read more...]

‘We need bigger cyber security budgets’, organisations say in new survey

Organisations need to invest more money into cyber security defences if they are to fight back against the growing threat of data breaches, an Ernst & Young survey has found.  According to the professional services firm’s Global Information Security Survey 2018–19, 87% of respondents said they don’t have the budget to deal with … [Read more...]

Track an email by subject

Last week, we received a support call from a customer who needed to spot mailboxes that had stored, sent or received emails with a specific subject li... Continue reading … [Read more...]

Using Zapier to Automate Common Business Workflows

A typical company has thousands of workflows happening all of the time, whether it's onboarding new employees, approving expense reports or opening up a helpdesk ticket. … [Read more...]

Three Key Reasons to Sell Data Protection to Your Customers

One of the first questions many managed services providers (MSPs) ask is why should I even be selling data protection or backup in the first place? It’s true there's lots of competition out there already; there are plenty of services online, and there are plenty of other vendors. In fact, your customers might even have a backup solution already in place, and yet you're supposed to go in there to … [Read more...]

Explained: like-farming

Like-farming, aka like-harvesting, is a method used by commercial parties and scammers alike to raise the popularity of a site or domain. The ultimate dream of every like-farmer is for his post to go viral by accumulating as many likes and shares as possible from all over the world. Like-farmers rely on near-instinctual reactions from users by exploiting hot-button topics such as child rearing … [Read more...]

Understanding CISSP Requirements

The CISSP certification was named the “most valued credential among employers by a margin of 3 to 1” in … [Read more...]

How to Set up Azure Cloud Storage

This guide covers the different types of cloud storage provided by Microsoft Azure, which one you should choose and how to get set up. Read the post here: How to Set up Azure Cloud Storage … [Read more...]