<!doctype html>
InQuest on Twitter
InQuest on LinkedIn
InQuest on GitHub

According to the 2020 Verizon Breach and Investigation report, Email is still the most common vector by which organizations are attacked. The importance of implementing email security best practices, therefore, cannot be exaggerated, considering most enterprises rely heavily on this channel for everyday business communications. Unfortunately, threat actors can often trivially exploit the overlooked vulnerabilities of corporate email security through vulnerabilities like the HAFNIUM (CVE-2021-26855), malware or ransomware, phishing attacks, and accidental configurations or employee mistakes.

InQuest's integrated email security solution provides the highest level of email security delivered by InQuest's Cloud platform without the burden of building and managing it yourself. InQuest's SaaS model protects against various malware, ransomware, and threats, including targeted attack protection (TAP), phishing, impostor emails, business email compromise (BEC), spam, and more.

 

Read about email security best practices or Contact Us to learn more about InQuest's Email Security Solution!

 
InQuest Mail Provider Comparison
This month we tested 14,141 malicious file samples against Google and Microsoft's email defenses and here's what made it through:

654 (4.7%) Missed
GSuite

2,495 (17.7%) Missed
O365 ATP + Phishing
InQuire for a free, personalized email security assessment!
Latest InQuest™ Blog Posts

PCode Pushing AveMaria

Posted on 2021-06-16 by Dmitry Melikov

A few days ago, we found an interesting document in the wild that aims to download spyware applications. The sample in question shows low detection rates across multiple antivirus engines, which rouses our suspicion. The email containing the attachment document was allegedly sent from a logistics campaign.

Read more

The Magnificence of Agent Tesla

Posted on 2021-06-28 by Dmitry Melikov

The Agent Tesla Remote Access Trojan (RAT) family of malware has had a long-standing presence in the threat landscape. This malicious software is sold as a remote access service for targeted systems; as such, the authors are constantly updating their malicious code to evade detection efforts. Attackers/customers of the service are also continuously developing and expanding their infrastructure to enhance their distribution/infection rates.

Read more
InQuest™ Labs Research Spotlight

fuzz-lightyear

fuzz-lightyear is a pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through stateful Swagger fuzzing.

Read more

BoobSnail

BoobSnail allows generating XLM (Excel 4.0) macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro generation. Features various infection techniques and various obfuscation techniques.

Read more

GoRAT

GoRAT (Go Remote Access Tool) is an extremely powerful reverse shell, file server, and control plane using HTTPS reverse tunnels as a transport mechanism.

Read more
Global Security Events

REvil ransomware's new Linux encryptor targets ESXi virtual machines

The REvil ransomware operation is now using a Linux encryptor that targets and encrypts Vmware ESXi virtual machines. With the enterprise moving to virtual machines for easier backups, device management, and efficient use of resources, ransomware gangs increasingly create their own tools to mass encrypt storage used by VMs.

Read more

How Does One Get Hired by a Top Cybercrime Gang?

The U.S. Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot, a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware.

Read more

Data of 500K patients accessed, stolen after eye clinic ransomware attack

A ransomware attack on Iowa-based Wolfe Eye Clinic earlier this year led to the access and possible theft of data belonging to 500,000 patients. While the initial cyberattack occurred in February, the complexity and scope of the incident was not determined until May 28.

Read more
Useful Links
Support
Social
Twitter
LinkedIn
GitHub
InQuest™ Insider - Your monthly resource for the latest in cyber security news, trends, tips and tools. Subscribe here.
Copyright © InQuest™ 2021