Newly Identified Bug in Microsoft Word Lets Attackers Bypass Detection and Gain Control of Compromised Systems
LEXINGTON, Mass., March 05, 2019 (GLOBE NEWSWIRE) -- Mimecast Limited (NASDAQ: MIME), a leading email and data security company, today announced the Mimecast Threat Center, a group of hands-on, cybersecurity experts focused on providing threat intelligence that helps organizations convert threat information into value for the business. Led by Joshua Douglas, the newly hired Vice President of Threat Intelligence, the Threat Center will leverage email, web and anonymized user data to offer threat intelligence insights to security professionals to manage today’s evolving threats. In addition, the Threat Center today announced a new bug that chains to unfixed exploits and bypasses security systems to gain control of compromised systems.
The mission of the Threat Center is to provide customers with actionable insight that can be used to better manage and prioritize today’s evolving threats. The Threat Center will produce a wide variety of reports including threat research on vulnerabilities, analysis on targeted malware, deeper insights on targeted threats hitting specific industries and quarterly Email Security Risk Assessments (ESRAs).
Mimecast blocks more than one billion unwanted emails every working day – these include spam, phishing, directory harvest attacks, and malware emails ranging from nuisance to extremely dangerous emails, offering the team a unique view of threat landscape from email-based attacks. As part of the Threat Center, Douglas will be responsible for overseeing Mimecast Labs, the operational security and threat intelligence teams. The threat intelligence that the team provides is gleaned from the analysis of billions of emails and web traffic across global data grids, which provides insights on targeted attacks and other malware embedded in documents and URLs. This information is shared to inform organizations and the cybersecurity ecosystem on emerging tactics, techniques and procedures. Analysis generated from anonymized user behavior, enterprise security posture and targeted attacks helps allow organizations to better inform their business and risk strategies while increasing the efficacy of Mimecast’s detection technology, which helps safeguard all 33,000+ customers. Additionally, the threat intelligence helps the security teams of our customers to take contextual action to respond quickly to cyber threats and ensure user behavior training and policy changes are focused on high risk employees.
Today, the Mimecast Threat Center unveiled threat analysis about a new bug discovered within Microsoft Word, which chains itself to another vulnerability to achieve advanced stealth capabilities. This bug was found in Microsoft Office, which incorrectly handles integer overflow and is used to bypass security systems and fool parsers to deliver remote code that can take complete control over a compromised machine. Just last month, Mimecast Research Labsdiscovered another Microsoft Office vulnerability, CVE-2019-0560, which affected millions of documents created under vulnerable versions of Microsoft Office, potentially leaking sensitive data unwillingly. Mimecast’s threat detection engines are designed to identify exploitation techniques, and we continuously research attack techniques and methodologies whether used in the wild or not to help our customers and the greater cybersecurity ecosystem.
“Threat intelligence insight helps our customers focus their efforts and their resources on the right threats at the right time,” said Douglas. “A successful strategy helps reduce both complexity and allows organizations to stay on pace without expending more resources than the threats they are defending against. Security leaders should focus on effective counter-intelligence operations to determine how an attacker, nation state or insider threat views their organization or business partners as potential targets. I’m excited to join Mimecast and lead a team of strong players aiming to create a level playing field for organizations of all sizes, while protecting their people and infrastructure.”
In a recent e-book on threat intelligence from the Cyber Resilience Think Tank,Stephen Ward, chief information security officer at a Fortune 50 company stated, “Threat intelligence tends to produce a lot of data alerts that are irrelevant, and as a result, bog down operations teams and create exhaustion. We’re still talking about bad URLs and hashes – those days are over. We should be focusing on the entire story of how something is done.”
More information on this new vulnerability can be found on Mimecast’s Cyber Resilience Insights blog.
Attending RSAC? Come to Mimecast’s booth 935 in Moscone South to learn more about actionable intelligence from Joshua Douglas.
Mimecast is a cybersecurity provider that helps thousands of organizations worldwide make email safer, restore trust and bolster cyber resilience. Mimecast’s expanded cloud suite enables organizations to implement a comprehensive cyber resilience strategy. From email and web security, archive and data protection, to awareness training, uptime assurance and more, Mimecast helps organizations stand strong in the face of cyberattacks, human error and technical failure. www.mimecast.com
Mimecast Social Media Resources
Blog: Cyber Resilience Insights
Alison Raymond Walsh
Source: Mimecast Limited