Is it Wise to Cut Email Security Costs?

Written by Jeff Orloff on April 17, 2013 – 4:00 pm

Many businesses have seen budgets take a hit over the years. Unfortunately, security is something that is often cut because management does not see a return on investment when it comes to purchasing high-priced security solutions.

Email administrators usually know that forgoing the tools that help keep spam, phishing attacks, viruses and other mail-borne threats at bay is not a wise approach to take. However, when they find themselves faced with having to cut back on expenditures, getting rid of costlier appliances and programs may seem like the only choice that makes sense. This thought is often supported by the notion that commercial, enterprise-level security solutions can be substituted with lower-cost options. Unfortunately, many organizations have found themselves getting burned by going low cost as opposed to what they really need. Continue reading Is it Wise to Cut Email Security Costs?

Subscribe to my RSS feed

Still Don’t Want to Take Email Security Seriously?

Written by Jeff Orloff on April 12, 2013 – 4:00 pm

Recently, the University of Illinois found their email domain blacklisted as being a source of spam.

That’s right, a trusted educational institution that is familiar to just about anyone in the United States was unable to have email delivered because they were thought to be spammers. According to reports, not only were third-party ISPs like Hotmail, Gmail and Yahoo! blocking email from the University’s domain, but other universities were as well.

The blacklisting was legitimate. The domain was sending copious amounts of spam, but it wasn’t on behalf of the University. Generally, overaggressive email marketing campaigns can result in a domain mistakenly being blacklisted, but this wasn’t what caused emails to be scrutinized in this instance. According to the University’s Campus Information Technologies and Educational Services (CITES) department, their servers were actually being used by illicit spammers. Continue reading Still Don’t Want to Take Email Security Seriously?


Why You Need to Take Email Security Seriously

Written by Jeff Orloff on March 28, 2013 – 4:00 pm

Protecting your company’s assets is usually the main priority for any security team. Whether you are expected to carry out additional duties at your workplace, on top of your security-related tasks, or if you are dedicated full time to IT security, if the responsibility falls on you then you need to be ready.

Unknown to most people, email threats are the way most attackers find their way into your network. In fact, recent studies show that 91 percent of all breaches start with a malicious email.

Although most hackers use email as a way to compromise your assets, most people will spend a majority of their security budgets on securing the network perimeter. Funds seem to be available for network firewalls, anti-virus software, web content filtering, web application firewalls, etc. But most people ignore the need to secure against email-borne threats because they don’t see the big picture. To them, a cross-site scripting attack launched against their web application poses a serious threat; likewise, a simple password that is easily cracked with a brute force tool is something they are afraid of. These attacks are protected against. Continue reading Why You Need to Take Email Security Seriously


Got Firewalls? Read This Now.

Written by Casper Manes on March 25, 2013 – 6:30 pm

Last summer I wrote an article called “Firewalls Between Exchange Servers? Not On My Network!” where I addressed some of the supportability issues that come up when the network and/or security team wants to put a firewall between various components of an Exchange infrastructure. In that post, I discussed why this was unsupported, that it was a bad idea to do it anyway, and what one could expect if one went ahead and did it anyway. In short, bad things. Continue reading Got Firewalls? Read This Now.


7 Best Practices for SMTP/TLS

Written by Casper Manes on March 13, 2013 – 4:00 pm

I was working with a customer the other day who was having some problems with TLS sessions between their Exchange servers and a partner’s. They asked me to help do some troubleshooting. I was home at the time, but since these are Internet edge servers we’re talking about here, I thought I could take a look at a few things remotely, since I too am “on the Internet.” Since the complaint was that they could not establish a TLS session between systems, which is something that was working previously, the first thing I asked was, of course, “what changed?” I bet you know what the answer was! So, the next thing I did was try to establish a TLS session myself. I dropped to the command prompt, and entered Continue reading 7 Best Practices for SMTP/TLS


How Costly Can Configuration Mistakes Be?

Written by Jeff Orloff on March 12, 2013 – 6:40 pm

An article in Computerworld UK caught my attention because its subtitle read “Phishing attacks previously caught in the spam filter are now getting through to employee inboxes.”

The post, which appeared in a section titled Security Manager’s Journal, was written by someone who is in the midst of taking on email security issues on a daily basis. Reading the article, it was evident that the author was telling a first-hand account of their company’s failure to prevent spam from sneaking past the filters and winding up in users’ inboxes. Continue reading How Costly Can Configuration Mistakes Be?


How Real Are Email Threats?

Written by Jeff Orloff on March 7, 2013 – 4:00 pm

If the only real email threat was spam, not much would be done on a business level to stop it. We all know that dealing with spam drains time away that could be spent on more productive things, but honestly, receiving junk advertising messages isn’t always the biggest concern for your average business.

Spam isn’t the only threat facing the email administrator, but it is the one that most people are familiar with, so it has become the de facto poster child for email-related risks. As a result, many organizations put their resources into anti-spam solutions that block emails using keywords and blacklists and then divert the remaining security budget towards network-based security solutions. Cyber criminals are well aware of this fact. They know full well that many organizations leave email full of vulnerabilities and they take advantage of this.

Of course, if you are aware of the many other threats that face your email assets, and can relate these to management, you stand a better chance at thwarting any attacks launched at them. But first, you have to know what the threats are… Continue reading How Real Are Email Threats?


The Layers of Email Security

Written by Jeff Orloff on February 27, 2013 – 4:00 pm


Just recently, Twitter announced that if you receive an email from them you need not worry about the email being a phishing attack using a spoofed address. The email is authentic because of their use of DMARC email authentication.

DMARC, or Domain-based Message Authentication, Reporting and Conformance, is a standard that governs email authentication mechanisms like Sender Policy Framework and DomainKeys Identified Mail (SPF and DKIM respectively). Working with email clients like Gmail, AOL, Yahoo Mail and Microsoft’s Hotmail and Outlook, DMARC promises to authenticate outbound mail so that when it arrives in a recipient’s inbox they can be assured it is not a fake.

However, this looks again like a silver bullet hope that will solve the spam/phishing/malicious email plague that threatens so many people.

Business leaders often see these as signs that spam is no longer a problem. Much like the news reports that claim “Spam is Dead,” or even those that show spam levels are down, these announcements do some serious damage to email security. The damage comes as a result of decision makers not seeing malicious email as a real threat. After all, if spam is dead and DMARC can prove that emails are real, then why we need to spend money on additional security becomes a big question. Continue reading The Layers of Email Security


Exchange 2013 Can Blunt Java Security Threats

Written by John P Mello Jr on February 22, 2013 – 4:00 pm

Microsoft knows what Oracle is going through right now with its Java programming language.

At one time, its Windows operating system was a prime target for hackers. It was said a Windows computer that connected to the Internet without virus protection would be infected in seconds.

Java is in the same boat. Oracle has been plugging holes in the software for more than a year in what often seems like an unending game of vulnerability whack-a-mole.

For example, earlier this month, Oracle rolled out a massive update to Java 7 that addressed 50 security threats in the software. This week — after widely publicized attacks on Facebook and Apple through Java vulnerabilities — Oracle rolled out another security update with five additional fixes. Continue reading Exchange 2013 Can Blunt Java Security Threats


Critical Security Patches for Exchange Issued by Microsoft

Written by John P Mello Jr on February 14, 2013 – 4:00 pm

Microsoft’s Patch Tuesday was a fat one this month. All told, Redmond pushed fixes for 57 security flaws, including some in Exchange 2007 and 2010.

The flaws in Exchange were tagged “critical” by Microsoft, a rating reserved for the most severe vulnerabilities.

The update affects Exchange 2010 SP2 and 2007 SP3. Exchange 2010 SP3 and 2003 SP2 are not affected by the update.

Flaws addressed by the security update are known to the public, Microsoft explained in its security bulletin for Patch Tuesday.

The most severe vulnerability is in Microsoft Exchange Server WebReady Document Viewing. Continue reading Critical Security Patches for Exchange Issued by Microsoft
