Barracuda Spam Filtering

Barracuda Spam Filtering

New Phishing Attack on Microsoft O365

August 26, 2021
New Phishing Attack on Microsoft O365 Users Leverages Open Redirects to Avoid Detection
Widespread credential phishing campaign abuses open redirector links
Microsoft 365 Defender Threat Intelligence Team Link Article

MspPortal Partners along with Barracuda does have  a solution
Read what Essentials complete will provide for you Includes ESS, Message Archiver and O365 Backup
One Drive, Exchange, Sharepoint,Teams (PDF)

With Barracuda Advanced Threat Protection

With Barracuda Advanced Threat Protection
MspPortal Partners blocked 767 Infected attachments in the last 24 hours protecting our partners clients from becoming/getting infected. Thousand of dollars were saved in mitigation costs

Scan Description the file was scanned by the Barracuda Advanced Threat Protection (ATP) service. ATP scans for malware, zero-day exploits, and targeted attacks not detected by other virus scanning features or the intrusion prevention system. ATP analyzes files in a secure cloud environment and makes an overall determination once scanning is complete.

Most of the blocked emails were Microsoft: docx, xlsm , xlsx, pdf, exe and rar

MspPortal Partners is a leader in providing security software to the Tech Community at better then wholesale pricing , service and support

MspPortal now provides Encrypt Mail at no extra charge using Barracuda Spam filtering

If you are using with MspPortal Partners Barracuda Spam Filtering you can now do encrypt mail also at no additional cost.

Rackspace, Office 365, Google Apps, Exchange, Lotus Domino, GroupWise, Zimbra, Gmail, postfix, Send Mail, and more can be used as long as you can add a smart host entry.

I will assist in the original setup at no extra charge ( training) Use a word such as I do “secure” in the subject line plus you have the best spam filtering soluion in the industry.

13 email threat types to know about right now

Brought to by Barracuda and MspPortal Partners/MSP Aggregator – Distributor
How inbox defense protects against increasingly sophisticated attacks or compliment your current mail filtering solution considering O365 and Mimecast are now compromised very inexpensive to protect yourself from bad actors.
Have your tech team contact MspPortal Partners for pricing

MspPortal provides aggressive/displacement pricing but assisting in the integration and 1 & 2 line tech support

PDF Table of Contents
1) Introduction: Radically reduce susceptibility to targeted email attacks page 1
2) Fighting increasingly complex email attacks page 3
3) Spam page 5
4) Malware 8
5) Data Exfiltration page 12
6) URL Phishing page 15
7) Scamming page 18
8) Spear Phishing page 22
9) Domain Impersonation page 26
10)Brand Impersonation page 30
11)Blackmail page 34
12)Business Email Compromise page 38
13)Conversation Hijacking page 42
14)Lateral Phishing page 46
15)Account Takeover page 49
16)Strengthening your email security posture with API-based inbox defense page 53
17)Conclusion: Effectively protecting against evolving email threats page 56

PDF download Barracuda 13 email threats

Now is the Time to think about Protecting Mail and Endpoints

Most firms bought in to the idea of purchasing Microsoft Office 365 for financial reasons and convenience. Microsoft promised easy access to Word, Excel and Outlook know matter where you are. Unfortunately, now might be the day of reckoning with the breach of Microsoft cloud products. Hackers, phishing emails and bad actor malware are regularly using O365 to find more victims, and truth is, you’re actually more likely to already be infected via Microsoft’s patching processes. (This is not your fault. Microsoft’s MO is to always do patching on your operating system to keep you secure.)

You need to take a proactive position to:
1) Protect your email (Barracuda Spam Filtering best in breed)
2) Protect your Windows Operating systems (Bitdefender Gravity Zone fully EDR protection The only cybersecurity vendor to prevent all advanced threats AV comparatives.

With both of these layers of security in place, you can limit your exposure to the SolarWinds malware threat, which is bigger than even the media understand. Everyday more and more firms are coming forward with security breaches. Unfortunately for SolarWinds’ customers, the malware used int he attack is a mutating virus and responds to web commands.

If you are the Public, ask your Internet provider or support tech if they use SolarWinds RMM. If they do, ask to have it removed and replaced. Most tech firms will try justify why they should keep SolarWinds. Fight for your protection.

If you are tech company, contact MspPortal Partners, and we will set you up with the proper security to protect you endpoints and clients.

The cost for both lines through us is less than $6.00 a month per endpoint/mailbox. MspPortal Partners is a Value-Add Distributor for both products. MspPortal Partners does not sell direct to the public. MspPortal Partners have over 400 plus tech firms fully trained to implement a security solution to protect you.

Note: More than likely, your tech firm will charge for any modifications to your account because the virus is not their fault.

Side/foot note:
1) We asked and received a confirmation from the legal team at Barracuda that there is was/no integration of SolarWinds Orion software in the ESS spam filtering or RMM solutions.
2) Bitdefender also confirmed it does not use the Orion solution.
3) Sign up for our RSS feed to keep you informed on today’s Security Landscape

SolarWinds Hackers’ Attack on Email Security Company Raises New Red Flags

Customers of Mimecast were targeted in cyberattack, showing the multiple layers of potential victims at risk in massive hack

Earlier this week, Mimecast confirmed an attacker had compromised a certificate provided to certain customers to authenticate Mimecast products to Microsoft 365 Exchange Web Services. The tools and techniques used in this attack link these operators to those who recently targeted SolarWinds, The Wall Street Journal reports.

The SolarWinds attack affected some 18,000 public and private organizations that downloaded infected versions of legitimate updates to its Orion network management software. However, the attack on Mimecast shows not all victims had to be SolarWinds customers to be targeted.

Mimecast was a SolarWinds customer in the past but no longer uses the Orion software, a person familiar with the matter told WSJ. The company has not determined how attackers got in or whether its earlier use of SolarWinds could have left it vulnerable.

Microsoft recently informed us that a Mimecast-issued certificate provided to certain customers to authenticate Mimecast Sync and Recover, Continuity Monitor, and IEP products to Microsoft 365 Exchange Web Services has been compromised by a sophisticated threat actor. Mimecast Comments 

Look at this: on there comment section
Forward-Looking Statements-my interpretation is it is not our fault and no payment relief was made
Do you really want to do business with a firm like this? Or trust your confidential emails to you customers.

Dark Reading Comments and Article

SolarWinds Attackers May Have Hit Mimecast, Driving New Concerns
Mimecast no longer uses the SolarWinds Orion network management software that served as an attack vector for thousands of organizations.

The discovery of a data breach at email service provider Mimecast could indicate attackers behind the massive SolarWinds incident may have pursued multiple paths to infiltrate target organizations, a new report states.

Earlier this week, Mimecast confirmed an attacker had compromised a certificate provided to certain customers to authenticate Mimecast products to Microsoft 365 Exchange Web Services. The tools and techniques used in this attack link these operators to those who recently targeted SolarWinds,

The SolarWinds attack affected some 18,000 public and private organizations that downloaded infected versions of legitimate updates to its Orion network management software. However, the attack on Mimecast shows not all victims had to be SolarWinds customers to be targeted.

Mimecast was a SolarWinds customer in the past but no longer uses the Orion software, a person familiar with the matter told WSJ. The company has not determined how attackers got in or whether its earlier use of SolarWinds could have left it vulnerable.

Left undisclosed by SolarWinds: Put out of list of the 18,000 companies affected even CISA has not confirmed, maybe folks should contact the FTC they are a publicly traded firm