The issues started at around 09:29 GMT and is affecting some users across Ireland, the UK and the rest of Europe. The Topsec Technical Support team have also started to notice that emails belonging to some of our customers who use Microsoft Office 365 were beginning to queue on our systems as they were temporarily undeliverable. These emails will queue on our systems for up to 5 days or until we can re-establish a connection with the delivery point (i.e. MO365), meaning none of our customers emails will be lost. This may not case for those who rely Microsoft Office 365 solely.
According to Wired, a massive database containing 772,904,991 unique email addresses and over 21 million unique passwords was recently posted to an online hacking forum. They suggest that the breach, called "Collection #1," doesn't originate from the one source but it is a collection of 2,000 leaked databases that included passwords which have since been cracked, meaning the protective layer that "hashes" a password to prevent it from being visible has been cracked to be presented in a usable form on the hacking forum.
Over the past 24 hours Topsec Engineers have noticed a massive spike in the number of the below Revenue Phishing emails which appears to come from revenue.ie. The email claims that the receiver is due a tax refund and must submit a Form 12 urgently. Conveniently, there is a “link” to the Form 12 in the email.
More and more organisations are starting to ensure that their employees use multifactor authentication (MFA) to add an extra layer of security to their Microsoft Office 365 and other accounts. Multifactor authentication and two-factor authentication involves using an extra step (like a phone number or verification code) in addition to your login credentials. This makes it harder for hackers to log in to your account if they have your username and password. It's a very useful additional security step, however security researchers say that it’s use isn’t very widespread.
Topsec engineers have noticed a disturbing trend in a certain type of email that we would classify as Social Engineering. While we have blocked a significant amount of these, some will always leak through spam filters.
Topsec Cloud Solutions will be exhibiting at Infosecurity Europe in the Olympia, London once again this year. Infosec is Europe’s largest and most comprehensive IT Security conference with over 400 exhibitors and 13,500 visitors.
The Topsec team will be on stand X130 (Discovery Zone, Upper Floor), so please feel free to drop by for some free light refreshments and to discuss best practices in email security.
Researchers have come across a security flaw in the way Office 365 email filters are designed to handle HTML code which has resulted in hackers getting malicious links into the mailboxes of end users. The hackers used an incredibly simple trick to get malicious URLs to bypass Office 365 mail filters, by splitting up the malicious links by using a <base> URL tag.
Next week Topsec Cloud Solutions are back at Manchester Central Convention Complex, this time exhibiting at IPEXPO Manchester for the second time. The event is part of Europe’s number one enterprise IT event series for those looking to find out how the latest IT innovations can drive their business forward.
IPEXPO Manchester is attended by over 5000 people and is a must-attend IT event for CIOs, heads of IT, security specialists and IT Professionals, where the latest developments, cybercrime tactics, best practice insights and content from across the industry will be discussed.
Microsoft Office 365 had an outage on Friday which left users without email throughout Europe, the US and the Asia-Pacific. Microsoft users who tried to access their accounts on Friday got the message “Service is temporarily unavailable. Please retry later.” UK users were hit hard with one user complaining that they could send or receive emails for over 14 hours.
Email Security experts, Topsec Cloud Solutions, are delighted to be exhibiting at CYBERUK 2018 for the second consecutive year. The event is the National Cyber Security Centre’s (NCSC) flagship event on cyber security.
The 3 day event is the only UK Government-hosted event for the sector and will be the largest and most wide-ranging event for cyber security leaders and professionals in the UK, attracting the key players in Government, Academia, and Industry.