HackDig : Dig high-quality web security articles for hacker

[SANS ISC] Keep an Eye on Remote Access to Mailboxes

2019-11-12 03:20

I published the following diary on isc.sans.edu: “Generating PCAP Files from YAML“:

BEC or “Business Email Compromize” is a trending thread for a while. The idea is simple: a corporate mailbox (usually from a C-level member) is compromized to send legitimate emails to other employees or partners. That’s the very first step of a fraud that could have huge impacts.

This morning, while drinking some coffee and reviewing my logs, I detected a peak of rejected authentications against my mail server. There was a peak of attempts but also, amongst the classic usernames, bots tested some interesting alternatives. If the username is “firstname”, I saw attempts to log in with… [Read more]

[The post [SANS ISC] Keep an Eye on Remote Access to Mailboxes has been first published on /dev/random]


Source: /sexobliam-ot-ssecca-etomer-no-eye-na-peek-csi-snas/03/01/9102/eb.llehstoor.golb

Read:308 | Comments:0 | Tags:SANS Internet Storm Center Security BEC Email SANS ISC

“[SANS ISC] Keep an Eye on Remote Access to Mailboxes”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud