Trusted by more than 2500 companies with over 5 million users

Notes From the Field: Bots Automatically Target Credit Union With Password Spray Attacks

Cybersecurity is a top concern for everyone in the banking and financial sectors, and credit unions are no exception. The speed at which bots discover and target internet-facing Exchange Servers underscores the need for a variety of security solutions to minimize attack surfaces. In our fifth and final case, we examine what happened when a [...]

Protecting Outlook Web from Denial of Service and Brute Force Attacks

Last week we highlighted the exposures that exist with attachments in Outlook Web. This week we look at protecting Outlook Web from Denial of Service and Brute Force Attacks. Depending upon how you have configured Outlook Web Access (OWA) and Active Directory, you will be opening your network up to either brute force attacks or denial of [...]

2020-10-27T07:07:23-04:00OWA Security|

Notes From the Field: Disgruntled ex-employee attacks with their mobile device (BYOD)

Support staff in a large manufacturing company were experiencing a sudden increase in the number of calls dealing with email account lockouts. The messaging group reached out to us for help. Together we installed Exchange Protocol Guard (EPG) to find out what was going on and to resolve the issue. EPG reports allowed them to [...]

Notes From the Field: Telco Division Needs to Add More Security to 2FA/MA

This case involves attacks at a division of a large Telco with a strong IT team operating more than sixty on-premises servers and mandating a 2FA security solution for any division managing their own Exchange Servers. And then … several incidents lead one Division’s security team to discover that password guessing was occurring against their [...]

7 Ways to Secure Sensitive Corporate Data Crossing the Border

Recently, The New York Times ran an article warning travelers to exercise the same degree of security over data on mobile devices as they would in protecting themselves from muggers. The warning comes in the wake of increased pressure by foreign and domestic governments for travelers to hand over devices and passwords because border agents [...]

Wait! Don’t STOP your Exchange Outlook Web Deployment!

Most IT organizations have to deal with remote workers, employees who travel or telecommute, temporary contractors and agents or staff who are simply being productive at home. For all these people, email remains the bedrock of corporate communication. Without it they simply wouldn’t get their jobs done. So for organizations that use Microsoft Exchange Server, [...]

2019-08-24T01:11:23-04:00Blog, Outlook Web, OWA Security|

Are Your Microsoft Outlook Web Attachments Secure?

Last week we demonstrated a variety of ways in which an OWA session can be compromised, even though the user may have been doing their best to follow company security policies. This week's series of tests will highlight the exposures that exist with attachments in Outlook Web. Simply follow the steps described in the following usage cases to expose [...]

Is Your Microsoft Outlook Web Secure?

Nowadays employees are mobile and constantly connected; the traditional work environment has expanded beyond the physical office walls to include coffee shops, airports, and home. Unfortunately, all this increased mobility and flexibility has exposed new security risks for businesses and IT, risks that sophisticated hackers are quick to exploit.  […]

Give Your Organization a Secure OWA Experience

These days, it’s challenging to read anything about the Internet without stumbling across an article about security concerns. Recent events have brought online security and Internet confidence to the forefront once again. We, at Messageware, think this is a good thing - a very good thing. We want you to be thinking about it, to [...]

Cyber-attacks launched against Outlook Web App users

An attack campaign using advanced cyber-espionage techniques launched against Office 365’s Outlook Web App users in an attempt to steal email log-in credentials from the employees of military agencies, embassies, defense contractors and international media outlets. The group behind the attack used an interesting technique against organizations using OWA; for each attack they used JavaScript [...]

2019-01-15T10:21:30-05:00Blog, OWA Security|