Avanan’s report found that a quarter of phishing emails bypass default Office 365 security.
"According to cloud security company #Avanan, #Microsoft #Office 365 also fails to detect such emails as malicious crafted using #ZeroFont technique." via @TheHackersNews #Sikurhttps://t.co/DmBo7jfrfZ pic.twitter.com/sIP5Ha1dpO
— SIKUR (@sikur) June 21, 2018
Dr. Simon Wiseman, CTO at Deep Secure:
While some vendors may jump on these results to point the finger at Office 365’s solution specifically, as a means of promoting their own detection solution, what this really shows is how cybercriminals tactics have become sophisticated to the point that they can completely circumvent ‘detect and protect’ cybersecurity solutions identify malware – in both phishing attacks and other attack vectors. Anti-virus, quarantine and sandboxing solutions can all be circumvented, whether that’s because threats lie dormant for a number of days until the content or link is perceived ‘safe’ or are completely hidden using undetectable tactics, like steganography, which codes the attack into the pixels of an image.
To truly defend against these types of attacks, organisations need to do away with the industry-standard “detect and protect” cybersecurity strategy and leverage Content Threat Removal-as-a-service (CTRaaS) solutions that guarantee to defeat 100% of content threats, rather than the “95%, best endeavours” approach that is typical across the cyber security industry. Content threat removal (CTR) prevents any content entering the network, stripping the useful data from the original file to create a carbon copy from the user’s perspective, but without any unrequired data or potentially malicious elements. This enables the user to receive all the information they need, without introducing unknown content risks onto the network.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.