Most of us know that business email compromise (BEC) is a common vector for network attacks – but few realize just how vulnerable they are to threats. The rapid transition to remote work during the pandemic has created massive new opportunities for security breaches. Employers often place their faith in their email provider to protect their scattered workforce.

But InQuest’s comprehensive experiment measuring email security efficacy demonstrates a significant gap in available protection. Neither Microsoft nor Google can do enough to stem the tide of threats. Here’s the bottom line: to protect the enterprise, you must augment your email security and close the gap.

Read the details within the How to Secure your Weakest Link Infographic.

InQuest Email Security Assessment
This month we harvested 1309 samples from the wild capable of bypassing either Microsoft or Google. Of those, Microsoft missed 507 (39%), and Google missed 530 (40%). The distribution of misses by file type is depicted below:
InQuire for a free, personalized email security assessment!
Latest InQuest Blog Posts
FDR is new, but the word is getting out. Hear Pedram Amini (InQuest CTO) explain how File Detection and Response (FDR) tackles today’s leading security problems (ransomware, phishing, scams, fraud and data loss violations) through the lens of six interesting questions from the Dark Reading News Desk at BlackHat 2022:

The Essence of the Threat Landscape - It’s Not So Complicated

Read more

The Challenge of Identifying File-Borne Breaches and Incidents

Read more

How FDR Differs from other Detection and Response Solutions

Read more

How FDR Helps with the SecOps Staffing Dilemma

Read more

Automated Threat Hunting. Is it AI?

Read more

What, exactly, is Real-Time Threat Intelligence?

Read more
InQuest Labs Research Spotlight


At the heart of is the custom file processing pipeline that analyzes executable files and their code inside by detecting functions and extracting the overall callgraph.

Read more

Quokka: A Fast and Accurate Binary Exporter

Quarkslab is open-sourcing Quokka, a binary exporter to manipulate a program's disassembly without a disassembler.

Read more

Hex-Rays Plugin Contest 2022

We received 9 interesting submissions this year! As usual, many thanks to all the participants for their hard work, and interesting ideas.

Read more
Global Security Events


Circa the beginning of August 2022, while doing security monitoring & incident response services, GTSC SOC team discovered that a critical infrastructure was being attacked, specifically to their Microsoft Exchange application.

Read more

Detecting STEEP#MAVERICK: New Covert Attack Campaign Targeting Military Contractors

A new covert attack campaign singled out multiple military and weapons contractor companies with spear-phishing emails to trigger a multi-stage infection process designed to deploy an unknown payload on compromised machines.

Read more

Agent Tesla RAT Delivered by Quantum Builder With New TTPs

This report examines trends in malware use, distribution, and development, and high-risk vulnerabilities disclosed by major hardware and software vendors between January 1 and June 30, 2022.

Read more
InQuest Insider - Your monthly resource for the latest in cyber security news, trends, tips and tools. Subscribe here.
Copyright © InQuest 2022