Microsoft Outlook users advised to urgently apply the security patches provided by Microsoft

Pittsburgh, PA – 16 March 2023 – A severe security vulnerability has been discovered in Microsoft Outlook, which is currently being exploited by cybercriminals. The vulnerability, identified as CVE-2023-23397 with a CVSS score of 9.8, permits a remote, unauthorized attacker to compromise systems simply by transmitting a specifically crafted email. This malicious email enables the attacker to gain unauthorized access to the recipient’s credentials.

More widespread attacks that target this vulnerability are expected

Umut Alemdar, Head of the Security Lab at Hornetsecurity, said, “We expect that the likelihood of more widespread attacks targeting the CVE-2023-23397 vulnerability to increase, as public proof-of-concepts have already been released. We therefore highly recommend that all users of Microsoft Outlook apply the security patches provided by Microsoft as soon as possible.”

He confirmed that Hornetsecurity detects emails that exploit the vulnerability and quarantines them to prevent emails from reaching the victim’s inbox, and added, “The Security Lab at Hornetsecurity is continuing to monitor the threat landscape to ensure that customers are protected from the latest cyber threats.”

Exploitation occurs even before the email is displayed in the preview pane

The exploit is initiated by fetching and processing a malicious email by the Outlook client, potentially leading to exploitation even before the email is displayed in the preview pane. It triggers a connection from the victim to a location controlled by the attacker. This results in the leakage of the victim’s Net-NTLMv2 hash, a challenge-response protocol used for authentication in Windows environments. The attacker can then relay this information to another service and authenticate as the victim, further compromising the system.

The complexity of the attack is low, and it has been seen in the wild according to Microsoft, with the exploit being used to target the European government, military, energy, and transportation organisations. It was initially reported to Microsoft by CERT-UA (the Computer Emergency Response Team for Ukraine).

A proof-of-concept created by the Hornetsecurity’s Security Lab team demonstrates that the exploit is hard-to-detect since all anti-malware and sandbox services incorporated into VirusTotal were unable to recognize it as malicious.

About Hornetsecurity

Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organisations of all sizes around the world. Its flagship product, 365 Total Protection, is the most comprehensive cloud security solution for Microsoft 365 on the market. Driven by innovation and cybersecurity excellence, Hornetsecurity is building a safer digital future and sustainable security cultures with its award-winning portfolio. Hornetsecurity operates in more than 30 countries through its international distribution network of 8,000+ channel partners and MSPs. Its premium services are used by more than 50,000 customers.

Media enquiries

Please contact us on press@hornetsecurity.com.

• New Hornetsecurity data backup software, featuring tamper-proof solution, protects against growing threat of malicious ransomware threats
• Hornetsecurity research highlights that more than 1 in 4 companies have fallen victim to ransomware attacks, with 14.1% losing data and 6.6% paying a ransom
• This powerful offering comes following Hornetsecurity’s acquisition of Altaro, the fast-growing global provider of backup solutions, in 2021

Pittsburgh, PA (15 March 2023) – Global cybersecurity provider Hornetsecurity has today announced the launch of VM Backup V9 – the newest version of its award-winning virtual machine (VM) backup, replication and recovery solution.

Ransomware protection

Immutable Cloud Storage gives users ongoing access to their data without the need to pay a ransom if targeted by ransomware. This newest feature ensures that backup data becomes tamper-proof, as it cannot be modified or deleted by any user, including administrators and root users.

Easy installation and newly overhauled backup repository

VM Backup V9 has an easy-to-use, intuitive interface that gives individuals full control, allowing them to monitor and manage all Hyper-V and VMware VMs from a single console.

V9 can now handle larger infrastructure setups. Its overhauled backup repository optimizes disk space, ensuring more robust long-term storage. In addition, background operations can now run in parallel with other ongoing backup and restore processes.

Hornetsecurity provides outstanding support 24 hours a day, 7 days a week, with a guaranteed call response time of less than 30 seconds.

Learn more about Hornetsecurity’s VM Backup V9 here.

About Hornetsecurity

Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organisations of all sizes around the world. Its flagship product, 365 Total Protection, is the most comprehensive cloud security solution for Microsoft 365 on the market. Driven by innovation and cybersecurity excellence, Hornetsecurity is building a safer digital future and sustainable security cultures with its award-winning portfolio. Hornetsecurity operates in more than 30 countries through its international distribution network of 8,000+ channel partners and MSPs. Its premium services are used by more than 50,000 customers.

Media enquiries

Pittsburgh, PA (8 March 2023) – The dangerous Emotet malware – a Trojan – is back. Hornetsecurity’s inhouse Security Lab has observed a new emerging Emotet campaign after almost three months of silence.

The latest iteration of Emotet uses very large files to bypass security scans that only scan the first bytes of large files or skip large files completely.

Emails come with a 600-kilobyte ZIP file containing inflated Word documents (.doc) of over 500 megabytes. When the victim opens the Word document, the Word document downloads a malicious payload (.dll) that is also over 500 megabytes.

This new instance is currently running at a slow pace, but our Security Lab expects it to pick up. Emotet emails can look legit, and – even if detected and quarantined by email security systems – users may choose to release them from quarantine. Falling victim to it will help it spread further.

It is therefore essential for administrators to block such emails and to alert users to be on their guard.

Hornetsecurity is protecting its customers against this by rejecting such emails with immediate effect.

Click here to learn more about Emotet.

About Hornetsecurity

Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organisations of all sizes around the world. Its flagship product, 365 Total Protection, is the most comprehensive cloud security solution for Microsoft 365 on the market. Driven by innovation and cybersecurity excellence, Hornetsecurity is building a safer digital future and sustainable security cultures with its award-winning portfolio. Hornetsecurity operates in more than 30 countries through its international distribution network of 8,000+ channel partners and MSPs. Its premium services are used by more than 50,000 customers.

Media enquiries

Please contact us on press@hornetsecurity.com.

• New threats call for next-gen security solutions as Hornetsecurity unveils new technologies to counter rise in phishing attacks and malicious links
• Hornetsecurity Security Lab discovers fake QR codes are a growing threat to email safety
• Also launches Mailbox Migration Tool and new Partner Program

Pittsburgh, PA (1 February 2023) – Leading cybersecurity provider Hornetsecurity has today launched two new tools – the QR Code Analyzer and Secure Links – to combat growing cyber threats. These launches come in response to a rise in fake QR codes and the ongoing threat of phishing, which represents 40% of all cyber threats.

Hornetsecurity has also released a new automated mailbox migration solution, which helps partners efficiently and securely deploy and operate Microsoft 365 in the cloud for their customers – and remain safe from cyberattacks. In addition, the cybersecurity specialist has simplified its partner program to enable partners to work on projects and MSP business equally and centrally.

QR code phishing

Research from Hornetsecurity’s Security Lab has discovered that cybercriminals are using QR codes in emails to obtain confidential data. To counter this latest threat, Hornetsecurity is expanding its Advanced Threat Protection and 365 Total Protection Suite for Microsoft 365 with the launch of its QR Code Analyzer. This unique technology determines whether QR codes link to malicious sites when scanned.

The launch of Hornetsecurity’s ‘Secure Links’ functionality will also help limit cyber-attacks, especially ransomware attempts. This new service runs all email links through a secure analyzer before enabling the recipient to safely open the link. Both new technologies provide businesses and their employees with extra reassurance that their email communications are safe.

Hornetsecurity CEO, Daniel Hofmann, said: “Hornetsecurity is committed to pre-empting and responding to new cybersecurity threats and customer concerns. Phishing attacks and fake QR codes are on the increase, so we are pleased to launch unique technologies that will combat these ever-growing threats. The QR Code Analyzer and Secure Links tools will benefit businesses by fighting cybersecurity attacks in a safe, reliable and cost-effective way.”

Migrate mailboxes in a safe and efficient way

In response to challenges that Hornetsecurity partners have faced in transferring mailboxes from on-prem to Microsoft 365 cloud, the cybersecurity specialist has developed the Mailbox Migration Tool. This new offering enables Hornetsecurity partners to automatically migrate customers securely, efficiently and with major time-savings – in turn, enabling them to provide peace of mind by offering full security for Microsoft 365 via 365 Total Protection.

New simplified partner program

Further information

For more information on Hornetsecurity’s new cybersecurity tools, please visit Advanced Threat Protection and Mailbox Migration Tool.

Hornetsecurity is hosting a webinar on February 16, 2023, about the latest product updates to their growing solutions portfolio.

About Hornetsecurity

Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organizations of all sizes around the world. Its flagship product, 365 Total Protection, is the most comprehensive cloud security solution for Microsoft 365 on the market. Driven by innovation and cybersecurity excellence, Hornetsecurity is building a safer digital future and sustainable security cultures with its award-winning portfolio. Hornetsecurity operates in more than 30 countries through its international distribution network of 8,000+ channel partners and MSPs. Its premium services are used by more than 50,000 customers.

Media enquiries

• Hornetsecurity survey reveals nearly one-fifth of IT pros say workers are not secure when working remotely
• Almost three-quarters of remote staff have access to critical data
• Nearly half of respondents say their organisation plans to increase the percentage of employees that work remotely in 2023

Pittsburgh, PA (12 January 2023) – New research from leading cybersecurity provider Hornetsecurity has found that 33% of companies are not providing any cybersecurity awareness training to users who work remotely.

The study also revealed nearly three-quarters (74%) of remote staff have access to critical data, which is creating more risk for companies in the new hybrid working world.

Despite the current lack of training and employees feeling ill-equipped, almost half (44%) of respondents said their organization plans to increase the percentage of employees that work remotely.

Daniel Hofmann, CEO of Hornetsecurity, said: “The popularity of hybrid work, and the associated risks, means that companies must prioritize training and education to make remote working safe. Traditional methods of controlling and securing company data aren’t as effective when employees are working in remote locations and greater responsibility falls on the individual. Companies must acknowledge the unique risks associated with remote work and activate relevant security management systems, as well as empower employees to deal with a certain level of risk.”

Challenges and risks

The independent survey, which quizzed 925 IT professionals from a range of business types and sizes globally, highlighted the security management challenges and employee cybersecurity risk when working remotely.

The research revealed two core problems causing risk: employees having access to critical data, and not enough training being provided on how to manage cybersecurity or how to reduce the risk of a cyber attack or breach.

Hofmann commented: “Increasing remote working cybersecurity measures is particularly important in the current climate, as cybercriminals are becoming smarter and using remote working to their advantage. We’ve seen an increase in smartphone attacks as hackers understand that both personal and professional data can likely be accessed as people can, and often do, carry out work on personal devices.”

Remote working security issues

Lack of knowledge amplifies risk

The study also highlighted a lack of understanding, confidence and knowledge around cybersecurity from employees when working remotely. Nearly half (43%) of IT professionals rate their confidence in their remote security measures as ‘moderate’ or worse, with the survey also finding that ‘uncontrolled file sharing’ was a common source of cybersecurity incidents (16%).

Organisations can reduce risks associated with cybersecurity by increasing education and training. Basic training could improve matters significantly: Hornetsecurity’s Security Awareness Training, for example, helps firms to strengthen their human firewall.

Use of endpoint management

Having strong systems in place to protect employees is essential. The study found that the main sources of cybersecurity incidents were compromised endpoints (28%) and compromised credentials (28%). In addition, 15% said that employees use their own devices with some endpoint configuration for remote work. It’s clear that having both security awareness training and investment in endpoint management systems are vital to have robust remote cybersecurity for organizations.

Hofmann concluded: “To tackle the knowledge gap, training such as our end user Cyber Security Awareness Training helps ensure attackers are less likely to carry out a successful breach when trying to exploit employees. This and endpoint management, are the two basic steps in reducing remote working risks.”

About Hornetsecurity

Hornetsecurity is the leading security and backup solution provider for Microsoft 365. Its flagship product is the most extensive cloud security solution for Microsoft 365 on the market, providing robust, comprehensive, award-winning protection: Spam and virus filtering, protection against phishing and ransomware, legally compliant archiving and encryption, advanced threat protection, email continuity, signatures and disclaimers. It’s an all-in-one security package that even includes backup and recovery for all data in Microsoft 365 and users’ endpoints.

 Hornetsecurity Inc. is based in Pittsburgh, PA with other North America offices in Washington D.C. and Montreal, Canada. Globally, Hornetsecurity operates in more than 30 countries through its international distribution network. Its premium services are used by 50,000+ customers including Swisscom, Telefónica, KONICA MINOLTA, LVM Versicherung, and CLAAS.

Media enquiries

• Signings cover significant expansion in Philippines, Saudi Arabia, Poland, Czech Republic, Gulf States, Emirates, Middle East, North Africa, Cyprus and Turkey
• Expansion provides improved backup and recovery services increasing the use of 365 Total Protection suite and 365 Total Backup from Hornetsecurity
• Email cloud security and compliance added to mix in APAC with the expansion of Datastor Australia’s portfolio

Pittsburgh, PA (November 22, 2022 ) – Global email security and backup provider, Hornetsecurity, has today announced a major push into several different regions across the world, with the signing of new distributors and partnerships. This further expands Hornetsecurity’s established presence in Europe, the US and LATAM.

In the Philippines and Saudi Arabia, the signing of distributors WSI and S2 will see Hornetsecurity’s capabilities support even more businesses in limiting cybersecurity issues. EMT have been appointed as distributors of Hornetsecurity solutions in the Middle East. In Eastern Europe, software distributors ED&R Polska in Poland and  PBCom in the Czech Republic have been selected due to their significant Microsoft presence. In Australia, Datastor Australia has expanded its portfolio from Altaro backup solutions for Microsoft 365 to the full range of Hornetsecurity cyber solutions, adding email cloud security and compliance into the mix.

These agreements, covering more than 10 countries, will take Hornetsecurity’s flagship 365 Total Protection suite and 365 Total Backup far deeper into their respective Microsoft communities.

Colin Wright, VP, ROW, Hornetsecurity, commented: “In signing these agreements, we have made a significant expansion commitment into APAC and Eastern Europe. Microsoft retains significant dominance in the region, so it makes sense that our complementary next-gen email security, backup and compliance solutions should grow alongside as the number one third-party provider. To date, we’ve focused largely on Western Europe and the Americas, but now we have a dedicated team to roll out Hornetsecurity into APAC and we are finding initial demand really exciting.”

Hazel Escanlar, General Manager WSI, commented: “We’re one of the leading distributors in the Philippines, and we’ve taken the decision to expand our cybersecurity portfolio with Hornetsecurity because of its alternate stance on becoming the number one end-to-end supplier of cybersecurity and set-and-forget backups for Microsoft for SMBs, and all controlled from one easy-to-use control panel for those offering managed services. With Hornetsecurity, it’s all about convenience and flexibility to give MSPs peace of mind while reducing their demands on time.”

From a partner perspective, 365 Total Backup enables managed service providers (MSPs) and value-added resellers (VARs) to provide backup and recovery services for Microsoft 365 mailboxes, Teams, OneDrive, and SharePoint. They can easily take backups and manage them through a multi-tenant, cloud-based control panel. 365 Total Protection Enterprise Backup combines this functionality with state-of-the-art email security that protects against spam, viruses, phishing and ransomware; as well as providing Advanced Threat Protection (ATP), email signatures and disclaimers, automated email continuity and legally compliant email archiving.

Daniel Hofmann, CEO, Hornetsecurity, explained: “Through these new appointments, we can offer a great market opportunity to more partners globally. They can now bring their customers to Microsoft 365 in a secure, safe and compliant mode, through our next-gen solutions. We also provide them with the unique benefit of being able to back up the data shared via User Chats in Microsoft Teams as well as Group Channel Conversations, something other vendors are not able to do. This strong market position gives our partners a compelling advantage.”

About Hornetsecurity

Hornetsecurity is the leading security and backup solution provider for Microsoft 365. Its flagship product is the most extensive cloud security solution for Microsoft 365 on the market, providing robust, comprehensive, award-winning protection: Spam and virus filtering, protection against phishing and ransomware, legally compliant archiving and encryption, advanced threat protection, email continuity, signatures and disclaimers. It’s an all-in-one security package that even includes backup and recovery for all data in Microsoft 365 and users’ endpoints.

Hornetsecurity Inc. is based in Pittsburgh, PA with other North America offices in Washington D.C. and Montreal, Canada. Globally, Hornetsecurity operates in more than 30 countries through its international distribution network. Its premium services are used by 50,000+ customers including Swisscom, Telefónica, KONICA MINOLTA, LVM Versicherung, and CLAAS.

Media enquiries

Please contact us on press@hornetsecurity.com.