Most of us know that business email compromise (BEC) is a common vector for network attacks – but few realize just how vulnerable they are to threats. The rapid transition to remote work during the pandemic has created massive new opportunities for security breaches. Employers often place their faith in their email provider to protect their scattered workforce.

But InQuest’s comprehensive experiment measuring email security efficacy demonstrates a signiﬁcant gap in available protection. Neither Microsoft nor Google can do enough to stem the tide of threats. Here’s the bottom line: to protect the enterprise, you must augment your email security and close the gap.

Read the details within the How to Secure your Weakest Link Infographic.

InQuest Email Security Assessment

This month we harvested 1309 samples from the wild capable of bypassing either Microsoft or Google. Of those, Microsoft missed 507 (39%), and Google missed 530 (40%). The distribution of misses by file type is depicted below:

InQuire for a free, personalized email security assessment!

Latest InQuest Blog Posts

FDR is new, but the word is getting out. Hear Pedram Amini (InQuest CTO) explain how File Detection and Response (FDR) tackles today’s leading security problems (ransomware, phishing, scams, fraud and data loss violations) through the lens of six interesting questions from the Dark Reading News Desk at BlackHat 2022:

The Essence of the Threat Landscape - It’s Not So Complicated

The Challenge of Identifying File-Borne Breaches and Incidents

How FDR Differs from other Detection and Response Solutions

How FDR Helps with the SecOps Staffing Dilemma

Automated Threat Hunting. Is it AI?

What, exactly, is Real-Time Threat Intelligence?

InQuest Labs Research Spotlight

Files.Ninja

At the heart of files.ninja is the custom file processing pipeline that analyzes executable files and their code inside by detecting functions and extracting the overall callgraph.

Quokka: A Fast and Accurate Binary Exporter

Quarkslab is open-sourcing Quokka, a binary exporter to manipulate a program's disassembly without a disassembler.

Hex-Rays Plugin Contest 2022

We received 9 interesting submissions this year! As usual, many thanks to all the participants for their hard work, and interesting ideas.

Global Security Events

WARNING: NEW ATTACK CAMPAIGN UTILIZED A NEW 0-DAY RCE VULNERABILITY ON MICROSOFT EXCHANGE SERVER

Circa the beginning of August 2022, while doing security monitoring & incident response services, GTSC SOC team discovered that a critical infrastructure was being attacked, specifically to their Microsoft Exchange application.

Detecting STEEP#MAVERICK: New Covert Attack Campaign Targeting Military Contractors

A new covert attack campaign singled out multiple military and weapons contractor companies with spear-phishing emails to trigger a multi-stage infection process designed to deploy an unknown payload on compromised machines.

Agent Tesla RAT Delivered by Quantum Builder With New TTPs

This report examines trends in malware use, distribution, and development, and high-risk vulnerabilities disclosed by major hardware and software vendors between January 1 and June 30, 2022.

Useful Links

Support

Social

Twitter

GitHub

InQuest Insider - Your monthly resource for the latest in cyber security news, trends, tips and tools. Subscribe here.

Unsubscribe here.