As everybody noticed, the delivery vector for these phishings is email. So an email filtering engine that is capable of detecting phishing attacks, either by recurrent pattern detection (like Cyren), or via URL extraction and checks (like Kaspersky or BitDefender), when in place, will keep your users safe. These phishing emails are also caught by open source engines like the veteran SpamAssassin or the new kid on the block OrangeAssassin (from SpamExperts).
Best posts made by bogdan.moldovan
-
RE: DocuSign Phishing Attacks
-
Beware of the new Jaff Ransomware
A detailed analysis from Cyren:
https://blog.cyren.com/articles/locky-2-jaff-ransomware-launched-from-necurs-botnet.html
Yet again the delivery vector is email. If you are managing on-prem email servers, make sure your filters are active and properly configured.
-
RE: O365 and encrypted mail to other email systems
@Dashrender I think that the gold standard here is S/MIME.
It requires that you (as a sender) have an S/MIME Private Key and signed Certificate and know your recipient's Public Key/Certificate.
It requires that the receiver has matching S/MIME Private Key and signed Certificate to the Public Key/Certificate that the sender had when sending the email.
The S/MIME Private Keys / Certificates have to be configured on each device where the senders and receivers are sending / receiving email from/to.
Everything else, IMHO, is non-secure!
The S/MIME Certificates and Private Keys can be acquired individually by users or distributed to users from your own managed PKI.
-
RE: O365 and encrypted mail to other email systems
@Dashrender Another idea might be to have separate delivery MTAs. Use one for ePHI and another for anything else.
On the ePHI-assigned MTA gateway, configure Force TLS, DNSSEC, DKIM signing, SPF, etc.
Route to the ePHI MTA gateway either by rule or by configuration (e.g. if ePHI info is only sent from a known number of systems, configure those to use the MTA gateway that has Force TLS configured on it).
Note that the data at rest that you keep on your side also has to be encrypted, if I interpret correctly the requirements.
On the other hand, you should really consider hiring a Certified HIPAA Security Expert and get a professional audit on the as-is, recommendation, implementation followed by an audit on the new implementation.
-
The power of Chat in IT Support
Stumbled upon this article today: https://itsm.tools/2017/05/18/power-chat-support/
I am curious as to how many of you provide chat support and what is the user adoption on it?