Last week we highlighted the exposures that exist with attachments in Outlook Web. This week we look at protecting Outlook Web from Denial of Service and Brute Force Attacks. Depending upon how you have configured Outlook Web Access (OWA) and Active Directory, you will be opening your network up to either brute force attacks or denial of [...]
Last week we demonstrated a variety of ways in which an OWA session can be compromised, even though the user may have been doing their best to follow company security policies. This week's series of tests will highlight the exposures that exist with attachments in Outlook Web. Simply follow the steps described in the following usage cases to expose [...]
Nowadays employees are mobile and constantly connected; the traditional work environment has expanded beyond the physical office walls to include coffee shops, airports, and home. Unfortunately, all this increased mobility and flexibility has exposed new security risks for businesses and IT, risks that sophisticated hackers are quick to exploit. […]
These days, it’s challenging to read anything about the Internet without stumbling across an article about security concerns. Recent events have brought online security and Internet confidence to the forefront once again. We, at Messageware, think this is a good thing - a very good thing. We want you to be thinking about it, to [...]
An attack campaign using advanced cyber-espionage techniques launched against Office 365’s Outlook Web App users in an attempt to steal email log-in credentials from the employees of military agencies, embassies, defense contractors and international media outlets. The group behind the attack used an interesting technique against organizations using OWA; for each attack they used JavaScript [...]
Not addressing the Public vs. Private Logon options for OWA means you are leaving corporate security decisions in the hands of your OWA users.
Whether your motivation for implementing Data Loss Prevention strategies is to protect your organization’s intellectual property, or to remain compliant with regulations in your industry, your Microsoft Exchange and OWA deployment should be considered as one data source requiring careful scrutiny for DLP possibilities
OWA Guard v2.0 includes a new Dynamic CAPTCHA for OWA, automatic IP-filtering, and enhanced reporting of OWA usage history.
I recently read an interesting article that stated “automated password-cracking software can perform 100 million checks per second – equating to a four-character password being cracked in 0.16 seconds, and a six-character password in just 11.4 minutes.” (SC Magazine, February 2013) When you think about a typical user password, it is no wonder why [...]
Messageware can help you meet the FBI’s recommendations for protecting your organization against cyber threats by securing the OWA Sign-On page and providing insight into logon and connection activity. Cyber-crime is on the rise, and it is old news that organizations need to secure all access points into their corporate networks to protect [...]
