”A WAKE-UP CALL FOR BUSINESSES”: MORE THAN HALF OF IT DEPARTMENTS SADDLED WITH BURDEN OF COMPLIANCE, HORNETSECURITY SURVEY REVEALS

”A WAKE-UP CALL FOR BUSINESSES”: MORE THAN HALF OF IT DEPARTMENTS SADDLED WITH BURDEN OF COMPLIANCE, HORNETSECURITY SURVEY REVEALS

  • Nearly 80% of companies ‘more concerned’ about compliance than 5 years ago
  • Seven in 10 respondents (68.7%) say compliance has a ‘moderate’ to ‘extreme’ impact on their IT department’s operations.
  • 4 in 5 believe (81.7%) their organisation would benefit from a new, easier compliance management tool in Microsoft 365.

London ExCeL, UK (JUNE 20 2023) – Nearly 4 in 5 organisations are more concerned about compliance than they were five years ago, with the burden falling on the IT department in more than half (57%) of businesses, according to a new ‘IT Compliance Survey’ conducted by leading cybersecurity software provider Hornetsecurity. The company released its latest research findings at Infosecurity Europe 2023, currently in progress in London, where it is exhibiting at booth N40.

Worryingly, 69% of respondents said that compliance has a ‘moderate’ to ‘extreme’ impact on their IT department’s operations, and 1 in 8 companies (13%) said they couldn’t confirm that they were compliant with required controls.

The findings of more than 200 respondents, from CIOs to system administrators, revealed that despite this widespread concern, more than a third (37.5%) of organisations don’t have a dedicated compliance officer, and 1 in 8 have been penalised for non-compliance with regulations.

Just one-fifth of respondents said they use an automated system for compliance, with nearly 40% relying on time consuming manual processes. Even when using compliance features, like those present in Microsoft 365, there are problems; over half (52%) cited ‘Lack of internal knowledge’ and 44% said ‘complexity’ causes issues, both of which can jeopardise effective data protection and compliance with laws and regulations. More than 80% of respondents said their organisation would gain ‘moderate’ to ‘extreme’ benefit from a new, easier compliance management tool.

Commenting on the research, Hornetsecurity CEO, Daniel Hofmann, said: “This new survey should be a wake-up call for businesses. The fact that more than half of companies are hindering the day-to-day work of IT departments through lack of compliance staff and policies is a huge concern. It confirms our suspicion that there’s a widespread need for easy-to-use, effective compliance management solutions to enable companies to streamline data management and reduce the risk of data loss.”

Only 2 in 10 utilize an automated process to verify IT compliance on a regular basis

Cloud problems

Unfortunately, the survey findings also revealed that cloud storage was a major issue when it comes to compliance.

  • 1 in 3 respondents (33.3%) said a ‘lack of effective reporting and auditing tools’ is a reason the cloud cannot be used to store data in their organisation.
  • 2 in 10 respondents (21.6%) claimed compliance regulations prevent their organisations from storing data in the cloud.
  • ‘Lack of trust’ (42.2%) and a ‘hard requirement data on-premises’ (37.8%) were the most commonly cited reasons for not storing data in the cloud.

To address the mounting challenges faced by IT teams, Hornetsecurity has created a way for any-sized companies to alleviate compliance burdens with its next-gen all-in-one email security, backup, compliance and security awareness solution for Microsoft 365, 365 Total Protection. Additional value is added by coupling this with Hornetsecurity’s newly launched 365 Permission Manager, which delivers effortless permissions management, enabling administrators to control Microsoft 365 permissions, enforce compliance policies, and monitor violations in SharePoint Online and OneDrive for Business.

Hofmann added: “Hornetsecurity’s offerings for M365 helps to deliver easy-to-use and effective security, backup, compliance and governance solutions for organisations. For example, the ease of file-storage and file-sharing in SharePoint Online and OneDrive for Business can quickly create a compliance headache for administrators. Our solutions assist business leaders to work in line with regulations, and importantly, it frees up time and responsibility for IT teams to focus on their essential tasks.”

Click here to access the full ‘IT Compliance Survey’ report.

About Hornetsecurity

Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organizations of all sizes around the world. Its flagship product, 365 Total Protection, is the most comprehensive cloud security solution for Microsoft 365 on the market. Driven by innovation and cybersecurity excellence, Hornetsecurity is building a safer digital future and sustainable security cultures with its award-winning portfolio. Hornetsecurity operates in more than 30 countries through its international distribution network of 8,000+ channel partners and MSPs. Its premium services are used by more than 50,000 customers.

For more information, visit www.hornetsecurity.com.

Media enquiries

Please contact us at press@hornetsecurity.com.

Hornetsecurity launches new 365 Permission Manager to help companies protect critical data

Hornetsecurity launches new 365 Permission Manager to help companies protect critical data

  • Hornetsecurity’s 365 Permission Manager delivers effortless permissions management for Microsoft 365
  • New software gives administrators the ability to control Microsoft 365 permissions, enforce compliance policies, and monitor violations
  • Rise in hybrid work means three-quarters of remote workers have access to critical data

Pittsburgh, PA (23 May 2023) – Leading cybersecurity provider, Hornetsecurity, has today announced the launch of 365 Permission Manager – a user-friendly, admin-centred solution to manage permissions, enforce compliance policies, and monitor violations within Microsoft 365 (M365).

This innovative solution brings ease and order to the tracking of employee access to M365 sites, files and folders, and ensures that critical permission situations do not occur. This way, 365 Permission Manager helps protect the organization’s information assets and ensures that users follow good practices when sharing critical business information, in line with Chief Information Security Officer (CISO) requirements.

A recent study from Hornetsecurity found that nearly three-quarters (74%) of remote staff have access to critical data. This increase in hybrid work further demonstrates how critical and valuable 365 Permission Manager is to administrators and CISOs, as it can help prevent unauthorized access to corporate data. It also enables administrators to meet compliance requirements by helping users to work diligently.

Hornetsecurity CISO, Olaf Petry, said: “It is critical for a CISO to effectively oversee the company’s strategy and programs to ensure adequate protection of information assets and technologies, and yet this process can be very complicated. My peers often discuss what a great pain point it is for them. Hornetsecurity’s new 365 Permission Manager will set CISO’s minds at rest by enabling security and compliance managers and administrators to efficiently and easily control Microsoft 365 permissions, and help prevent critical data from getting into the wrong hands.”

Elevating compliance

Hornetsecurity worked closely with CISOs, security and compliance managers, and administrators to create the new 365 Permission Manager. The solution helps organisations better protect sensitive information via a user-friendly interface that provides a comprehensive view of permissions. This will save organisations and administrators time and effort, as it allows them to perform bulk actions to manage permissions and maintain a compliant SharePoint, Teams, and OneDrive infrastructure.

365 Permission Manager also enables organisations to confidently maintain compliance with internal and external regulations, as well as policies across sharing sites, files and folders in Microsoft 365 – making for an easier, smoother and more efficient process for administrators and site owners.

User Friendly usage of 365 Permission Manager

Going beyond existing offerings

Hornetsecurity’s 365 Permission Manager also empowers organisations to exercise reasonable control over the access and sharing permissions granted in M365 in a pragmatic way. Instead of offering an excess of overly specific features, the unique solution is operational-centred, providing a non-obstructive workflow to easily review and fix permissions.

Both customers and partners will benefit from the introduction of 365 Permission Manager, with the additional benefit of Hornetsecurity’s integrated service platform for M365 security, compliance and backup, as well as security awareness.

Hornetsecurity CEO, Daniel Hofmann, said: “Having listened to many customers and partners who have shared their concerns about this issue, I understand how valuable 365 Permission Manager will be. It is vital that businesses and CISOs have the ability to enforce compliance policies and reasonably control access to documents and data – and we are proud to offer this with our new solution.”

Click here to learn more about Hornetsecurity’s 365 Permission Manager.

About Hornetsecurity

Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organisations of all sizes around the world. Its flagship product, 365 Total Protection, is the most comprehensive cloud security solution for Microsoft 365 on the market. Driven by innovation and cybersecurity excellence, Hornetsecurity is building a safer digital future and sustainable security cultures with its award-winning portfolio. Hornetsecurity operates in more than 30 countries through its international distribution network of 8,000+ channel partners and MSPs. Its premium services are used by more than 50,000 customers.

About Hornetsecurity

Please contact us at press@hornetsecurity.com.

Security Alert: Severe security vulnerability discovered in Microsoft Outlook — CVE-2023-23397

Security Alert: Severe security vulnerability discovered in Microsoft Outlook — CVE-2023-23397

Microsoft Outlook users advised to urgently apply the security patches provided by Microsoft

Pittsburgh, PA – 16 March 2023 – A severe security vulnerability has been discovered in Microsoft Outlook, which is currently being exploited by cybercriminals. The vulnerability, identified as CVE-2023-23397 with a CVSS score of 9.8, permits a remote, unauthorized attacker to compromise systems simply by transmitting a specifically crafted email. This malicious email enables the attacker to gain unauthorized access to the recipient’s credentials.

More widespread attacks that target this vulnerability are expected

Umut Alemdar, Head of the Security Lab at Hornetsecurity, said, “We expect that the likelihood of more widespread attacks targeting the CVE-2023-23397 vulnerability to increase, as public proof-of-concepts have already been released. We therefore highly recommend that all users of Microsoft Outlook apply the security patches provided by Microsoft as soon as possible.”

He confirmed that Hornetsecurity detects emails that exploit the vulnerability and quarantines them to prevent emails from reaching the victim’s inbox, and added, “The Security Lab at Hornetsecurity is continuing to monitor the threat landscape to ensure that customers are protected from the latest cyber threats.”

 

Exploitation occurs even before the email is displayed in the preview pane

The exploit is initiated by fetching and processing a malicious email by the Outlook client, potentially leading to exploitation even before the email is displayed in the preview pane. It triggers a connection from the victim to a location controlled by the attacker. This results in the leakage of the victim’s Net-NTLMv2 hash, a challenge-response protocol used for authentication in Windows environments. The attacker can then relay this information to another service and authenticate as the victim, further compromising the system.

The complexity of the attack is low, and it has been seen in the wild according to Microsoft, with the exploit being used to target the European government, military, energy, and transportation organisations. It was initially reported to Microsoft by CERT-UA (the Computer Emergency Response Team for Ukraine).

A proof-of-concept created by the Hornetsecurity’s Security Lab team demonstrates that the exploit is hard-to-detect since all anti-malware and sandbox services incorporated into VirusTotal were unable to recognize it as malicious.

 

Recommended actions

For a list of affected versions, and recommended action to secure your organization, please click here.

About Hornetsecurity

Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organisations of all sizes around the world. Its flagship product, 365 Total Protection, is the most comprehensive cloud security solution for Microsoft 365 on the market. Driven by innovation and cybersecurity excellence, Hornetsecurity is building a safer digital future and sustainable security cultures with its award-winning portfolio. Hornetsecurity operates in more than 30 countries through its international distribution network of 8,000+ channel partners and MSPs. Its premium services are used by more than 50,000 customers.

Media enquiries

Please contact us on press@hornetsecurity.com.

HORNETSECURITY CHALLENGES RANSOMWARE ATTACKS WITH LAUNCH OF VM BACKUP V9 LEVERAGING IMMUTABLE CLOUD STORAGE

HORNETSECURITY CHALLENGES RANSOMWARE ATTACKS WITH LAUNCH OF VM BACKUP V9 LEVERAGING IMMUTABLE CLOUD STORAGE

  • New Hornetsecurity data backup software, featuring tamper-proof solution, protects against growing threat of malicious ransomware threats
  • Hornetsecurity research highlights that more than 1 in 4 companies have fallen victim to ransomware attacks, with 14.1% losing data and 6.6% paying a ransom
  • This powerful offering comes following Hornetsecurity’s acquisition of Altaro, the fast-growing global provider of backup solutions, in 2021

Pittsburgh, PA (15 March 2023) – Global cybersecurity provider Hornetsecurity has today announced the launch of VM Backup V9 – the newest version of its award-winning virtual machine (VM) backup, replication and recovery solution.

This latest iteration offers ransomware protection leveraging immutable cloud storage on Wasabi and Amazon S3, with Microsoft Azure soon to follow. This new key feature enables customers to protect their backup data from ransomware by making their data tamper-proof for a defined period.

A recent Hornetsecurity study revealed that 15% of ransomware attacks specifically targeted backups, highlighting the essential need for immutable backups , which forms a key part of the V9 update.

Hornetsecurity CEO, Daniel Hofmann, said: “Data breaches and ransomware cost businesses millions of dollars every year. It’s vital that organizations take preventative measures and are protected with the latest technology. We’re excited to launch VM Backup V9, which provides reassurance to our customers and partners that their virtual machine data backups are protected against ransomware attacks. It also addresses the latest compliance regulations in data security and data protection.”

Available Offsite Location

Ransomware protection

Immutable Cloud Storage gives users ongoing access to their data without the need to pay a ransom if targeted by ransomware. This newest feature ensures that backup data becomes tamper-proof, as it cannot be modified or deleted by any user, including administrators and root users.

Easy installation and newly overhauled backup repository

VM Backup V9 has an easy-to-use, intuitive interface that gives individuals full control, allowing them to monitor and manage all Hyper-V and VMware VMs from a single console.

V9 can now handle larger infrastructure setups. Its overhauled backup repository optimizes disk space, ensuring more robust long-term storage. In addition, background operations can now run in parallel with other ongoing backup and restore processes.

Hornetsecurity provides outstanding support 24 hours a day, 7 days a week, with a guaranteed call response time of less than 30 seconds.

Learn more about Hornetsecurity’s VM Backup V9 here.

About Hornetsecurity

Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organisations of all sizes around the world. Its flagship product, 365 Total Protection, is the most comprehensive cloud security solution for Microsoft 365 on the market. Driven by innovation and cybersecurity excellence, Hornetsecurity is building a safer digital future and sustainable security cultures with its award-winning portfolio. Hornetsecurity operates in more than 30 countries through its international distribution network of 8,000+ channel partners and MSPs. Its premium services are used by more than 50,000 customers.

Media enquiries

Please contact us on press@hornetsecurity.com.
Security alert: Dangerous new instance of Emotet Trojan emerges

Security alert: Dangerous new instance of Emotet Trojan emerges

Pittsburgh, PA (8 March 2023) – The dangerous Emotet malware – a Trojan – is back. Hornetsecurity’s inhouse Security Lab has observed a new emerging Emotet campaign after almost three months of silence.

The latest iteration of Emotet uses very large files to bypass security scans that only scan the first bytes of large files or skip large files completely.

Emotet Example

Emails come with a 600-kilobyte ZIP file containing inflated Word documents (.doc) of over 500 megabytes. When the victim opens the Word document, the Word document downloads a malicious payload (.dll) that is also over 500 megabytes.

Emotet Attachment Example

This new instance is currently running at a slow pace, but our Security Lab expects it to pick up. Emotet emails can look legit, and – even if detected and quarantined by email security systems – users may choose to release them from quarantine. Falling victim to it will help it spread further.

It is therefore essential for administrators to block such emails and to alert users to be on their guard.

Hornetsecurity is protecting its customers against this by rejecting such emails with immediate effect.

Click here to learn more about Emotet.

About Hornetsecurity

Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organisations of all sizes around the world. Its flagship product, 365 Total Protection, is the most comprehensive cloud security solution for Microsoft 365 on the market. Driven by innovation and cybersecurity excellence, Hornetsecurity is building a safer digital future and sustainable security cultures with its award-winning portfolio. Hornetsecurity operates in more than 30 countries through its international distribution network of 8,000+ channel partners and MSPs. Its premium services are used by more than 50,000 customers.

 

Media enquiries

Please contact us on press@hornetsecurity.com.

HORNETSECURITY COMBATS QR CODE PHISHING WITH LAUNCH OF UNIQUE NEW TECHNOLOGY

HORNETSECURITY COMBATS QR CODE PHISHING WITH LAUNCH OF UNIQUE NEW TECHNOLOGY

  • New threats call for next-gen security solutions as Hornetsecurity unveils new technologies to counter rise in phishing attacks and malicious links
  • Hornetsecurity Security Lab discovers fake QR codes are a growing threat to email safety
  • Also launches Mailbox Migration Tool and new Partner Program

Pittsburgh, PA (1 February 2023) – Leading cybersecurity provider Hornetsecurity has today launched two new tools – the QR Code Analyzer and Secure Links – to combat growing cyber threats. These launches come in response to a rise in fake QR codes and the ongoing threat of phishing, which represents 40% of all cyber threats.

Hornetsecurity has also released a new automated mailbox migration solution, which helps partners efficiently and securely deploy and operate Microsoft 365 in the cloud for their customers – and remain safe from cyberattacks. In addition, the cybersecurity specialist has simplified its partner program to enable partners to work on projects and MSP business equally and centrally.

QR code phishing

Research from Hornetsecurity’s Security Lab has discovered that cybercriminals are using QR codes in emails to obtain confidential data. To counter this latest threat, Hornetsecurity is expanding its Advanced Threat Protection and 365 Total Protection Suite for Microsoft 365 with the launch of its QR Code Analyzer. This unique technology determines whether QR codes link to malicious sites when scanned.

The launch of Hornetsecurity’s ‘Secure Links’ functionality will also help limit cyber-attacks, especially ransomware attempts. This new service runs all email links through a secure analyzer before enabling the recipient to safely open the link. Both new technologies provide businesses and their employees with extra reassurance that their email communications are safe.

Hornetsecurity CEO, Daniel Hofmann, said: “Hornetsecurity is committed to pre-empting and responding to new cybersecurity threats and customer concerns. Phishing attacks and fake QR codes are on the increase, so we are pleased to launch unique technologies that will combat these ever-growing threats. The QR Code Analyzer and Secure Links tools will benefit businesses by fighting cybersecurity attacks in a safe, reliable and cost-effective way.”

Migrate mailboxes in a safe and efficient way

In response to challenges that Hornetsecurity partners have faced in transferring mailboxes from on-prem to Microsoft 365 cloud, the cybersecurity specialist has developed the Mailbox Migration Tool. This new offering enables Hornetsecurity partners to automatically migrate customers securely, efficiently and with major time-savings – in turn, enabling them to provide peace of mind by offering full security for Microsoft 365 via 365 Total Protection.

New simplified partner program

Hornetsecurity has also created a new simplified partner program. The newly adjusted program aims to unify partner levels and includes both managed service (MSP) and project business. These updates make entry barriers negligible, so partners can provide Hornetsecurity’s services with minimal effort and investment. Hornetsecurity COO, Daniel Blank added: “Hornetsecurity has listened to our partners’ needs, which has led to the launch of our efficient and safe Mailbox Migration Tool, at the same time as our new partner program is rolled out. “This launch package is just the start of what will be a busy 2023 for Hornetsecurity as we monitor, learn and respond to new sophisticated cyberattacks, and continue to keep our customers’ data safe from ever-present threats.”

Further information

For more information on Hornetsecurity’s new cybersecurity tools, please visit Advanced Threat Protection and Mailbox Migration Tool.

Hornetsecurity is hosting a webinar on February 16, 2023, about the latest product updates to their growing solutions portfolio.

About Hornetsecurity

Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organizations of all sizes around the world. Its flagship product, 365 Total Protection, is the most comprehensive cloud security solution for Microsoft 365 on the market. Driven by innovation and cybersecurity excellence, Hornetsecurity is building a safer digital future and sustainable security cultures with its award-winning portfolio. Hornetsecurity operates in more than 30 countries through its international distribution network of 8,000+ channel partners and MSPs. Its premium services are used by more than 50,000 customers.

Media enquiries

Please contact us on press@hornetsecurity.com.