Michael Landewe

Michael Landewe



Global Financial Institution's Microsoft Teams Account Compromised by Malware

Summary A compromised Microsoft Teams account at a partner organization fooled users at a global financial institution into sharing insider information. After exfilt...

Read more

Microsoft SafeLinks Redirect: TattleToken Script

Attackers are using 'smart' redirect servers to hide malicious websites from post-delivery protections like Microsoft SafeLinks and Chrome browser filters.  Summary:...

Read more

SiteCloak Link Attack: Email URL Obfuscation Techniques

We are seeing a rise in the number of phishing attacks that bypass Office 365 due to the attackers’ use of obfuscation techniques on the credential harvesting websit...

Read more

SYLKin Attack: New Malicious .slk files are bypassing Microsoft 365 Security, Risking 200M+ Users

A new attack method bypasses both Microsoft 365 default security (EOP) and advanced security (ATP). At the time of writing, Microsoft 365 is still vulnerable and the...

Read more

This Cat Can Steal Your Microsoft Teams Account. Only Avanan Can Stop It.

This very cute GIF could actually be a piece of malware that can take over your Teams account Highlights: Avanan is the first and only security vendor to protect Mic...

Read more

CoronaPhishing: Hackers are using COVID-19 to Attack Your Users

Starting Today: Stop shaking hands. Stop clicking on any email that mentions Coronavirus! Our security analysts have seen a significant rise in phishing emails that ...

Read more

featured-image-reploy

Re:Ploy Email Chain Hijack Attack

Let’s say your organization has the best security. Your employees are trained to never fall victim to phishing. You have SSO and it’s very hard to take over your acc...

Read more

What-We-Learned-At-Blackhat-Featured

Lessons from Black Hat: End-to-End Security Culture

This month marked the 23rd Black Hat conference. If you’ve never made the trip to Las Vegas, the event typically focuses on the technical aspects of the latest threa...

Read more

Blog Post2FWebinar Images (70)

Phishing Training for Employees: Why Employee Training Can't Solve The Phishing Problem

Microsoft’s 2018 23rd Edition Security Intelligence Report is out, and it confirms the conclusion that most in the security industry already know: we can no longer r...

Read more

Spoofpoint

Is Microsoft Office 365 safer without Proofpoint? or Can 1+1=0?

This week we saw a phishing attack at one of our customers that is using Proofpoint before their Office 365 email—a pretty basic phishing attack that bypassed both P...

Read more

capital-caring-ft

Capital Caring: Avanan Cloud Security for Healthcare

Since 1977, Capital Caring has improved care for those facing life-limiting illness through public education, advocacy, and direct support of patients and their fami...

Read more

Cloud Access Trojan Featured

Enterprise Cloud Access Apps: The Invisible Trojan Backdoor

“Your desktop gets scanned for trojan back doors. But what about the backdoors in your cloud?”

Read more

5 Phishing Attack Trends to Look out for in 2019

Avanan has caught a tremendous number of previously-unseen attacks this year, and as a result we have identified some distinct trends that give insight into what we ...

Read more

Microsoft Advanced Threat Protection vs Avanan

Microsoft knows that Office 365's default security features are not enough to keep an organization protected, which is why they created Microsoft Advanced Threat Pro...

Read more

Was My Email Inbox Hacked? What To Do If You've Been Hacked

Before you continue reading, you should check to see if your email address is one of the millions that has already been compromised: HaveIBeenPwned.com. An attacker ...

Read more

Attack Report: Gmail Vulnerable to Nickname Impersonation Spearphishing

The Basics of the Nickname Email Spoof Attack We have trained our users to distrust a sender's nickname and validate an identity by looking at the original email add...

Read more

google-doc-attack-authenticate.png

Attack Report: API-based Phishing Attack in Gmail

This attack report covers a very sophisticated phishing scheme that came in the form of an invitation to open a Google Doc.

Read more

why-not-mta-graphic.png

Why MTA Gateways are Not Effective SaaS Email Security Appliances

Don't change your email security. Change the way it is connected. With the massive adoption of Office 365 and G-Suite for corporate email, companies hoping to implem...

Read more

Zero-Trust Security: When Your Employees are the Source of the Attack

During our analysis of an advanced phishing attack last week, I was reminded why it is so important to scan every email—inbound, outbound and internal. 

Read more

1 2 3 4
14-Day Free Trial – Experience the power and simplicity of Avanan Cloud Security.   Start Free Trial