Pittsburgh, PA (8 March 2023) – The dangerous Emotet malware – a Trojan – is back. Hornetsecurity’s inhouse Security Lab has observed a new emerging Emotet campaign after almost three months of silence.

The latest iteration of Emotet uses very large files to bypass security scans that only scan the first bytes of large files or skip large files completely.

Emails come with a 600-kilobyte ZIP file containing inflated Word documents (.doc) of over 500 megabytes. When the victim opens the Word document, the Word document downloads a malicious payload (.dll) that is also over 500 megabytes.

This new instance is currently running at a slow pace, but our Security Lab expects it to pick up. Emotet emails can look legit, and – even if detected and quarantined by email security systems – users may choose to release them from quarantine. Falling victim to it will help it spread further.

It is therefore essential for administrators to block such emails and to alert users to be on their guard.

Hornetsecurity is protecting its customers against this by rejecting such emails with immediate effect.

Click here to learn more about Emotet.

About Hornetsecurity

Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organisations of all sizes around the world. Its flagship product, 365 Total Protection, is the most comprehensive cloud security solution for Microsoft 365 on the market. Driven by innovation and cybersecurity excellence, Hornetsecurity is building a safer digital future and sustainable security cultures with its award-winning portfolio. Hornetsecurity operates in more than 30 countries through its international distribution network of 8,000+ channel partners and MSPs. Its premium services are used by more than 50,000 customers.

Media enquiries

Please contact us on press@hornetsecurity.com.

• New threats call for next-gen security solutions as Hornetsecurity unveils new technologies to counter rise in phishing attacks and malicious links
• Hornetsecurity Security Lab discovers fake QR codes are a growing threat to email safety
• Also launches Mailbox Migration Tool and new Partner Program

Pittsburgh, PA (1 February 2023) – Leading cybersecurity provider Hornetsecurity has today launched two new tools – the QR Code Analyzer and Secure Links – to combat growing cyber threats. These launches come in response to a rise in fake QR codes and the ongoing threat of phishing, which represents 40% of all cyber threats.

Hornetsecurity has also released a new automated mailbox migration solution, which helps partners efficiently and securely deploy and operate Microsoft 365 in the cloud for their customers – and remain safe from cyberattacks. In addition, the cybersecurity specialist has simplified its partner program to enable partners to work on projects and MSP business equally and centrally.

QR code phishing

Research from Hornetsecurity’s Security Lab has discovered that cybercriminals are using QR codes in emails to obtain confidential data. To counter this latest threat, Hornetsecurity is expanding its Advanced Threat Protection and 365 Total Protection Suite for Microsoft 365 with the launch of its QR Code Analyzer. This unique technology determines whether QR codes link to malicious sites when scanned.

The launch of Hornetsecurity’s ‘Secure Links’ functionality will also help limit cyber-attacks, especially ransomware attempts. This new service runs all email links through a secure analyzer before enabling the recipient to safely open the link. Both new technologies provide businesses and their employees with extra reassurance that their email communications are safe.

Hornetsecurity CEO, Daniel Hofmann, said: “Hornetsecurity is committed to pre-empting and responding to new cybersecurity threats and customer concerns. Phishing attacks and fake QR codes are on the increase, so we are pleased to launch unique technologies that will combat these ever-growing threats. The QR Code Analyzer and Secure Links tools will benefit businesses by fighting cybersecurity attacks in a safe, reliable and cost-effective way.”

Migrate mailboxes in a safe and efficient way

In response to challenges that Hornetsecurity partners have faced in transferring mailboxes from on-prem to Microsoft 365 cloud, the cybersecurity specialist has developed the Mailbox Migration Tool. This new offering enables Hornetsecurity partners to automatically migrate customers securely, efficiently and with major time-savings – in turn, enabling them to provide peace of mind by offering full security for Microsoft 365 via 365 Total Protection.

New simplified partner program

Further information

For more information on Hornetsecurity’s new cybersecurity tools, please visit Advanced Threat Protection and Mailbox Migration Tool.

Hornetsecurity is hosting a webinar on February 16, 2023, about the latest product updates to their growing solutions portfolio.

About Hornetsecurity

Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organizations of all sizes around the world. Its flagship product, 365 Total Protection, is the most comprehensive cloud security solution for Microsoft 365 on the market. Driven by innovation and cybersecurity excellence, Hornetsecurity is building a safer digital future and sustainable security cultures with its award-winning portfolio. Hornetsecurity operates in more than 30 countries through its international distribution network of 8,000+ channel partners and MSPs. Its premium services are used by more than 50,000 customers.

Media enquiries

• Hornetsecurity survey reveals nearly one-fifth of IT pros say workers are not secure when working remotely
• Almost three-quarters of remote staff have access to critical data
• Nearly half of respondents say their organisation plans to increase the percentage of employees that work remotely in 2023

Pittsburgh, PA (12 January 2023) – New research from leading cybersecurity provider Hornetsecurity has found that 33% of companies are not providing any cybersecurity awareness training to users who work remotely.

The study also revealed nearly three-quarters (74%) of remote staff have access to critical data, which is creating more risk for companies in the new hybrid working world.

Despite the current lack of training and employees feeling ill-equipped, almost half (44%) of respondents said their organization plans to increase the percentage of employees that work remotely.

Daniel Hofmann, CEO of Hornetsecurity, said: “The popularity of hybrid work, and the associated risks, means that companies must prioritize training and education to make remote working safe. Traditional methods of controlling and securing company data aren’t as effective when employees are working in remote locations and greater responsibility falls on the individual. Companies must acknowledge the unique risks associated with remote work and activate relevant security management systems, as well as empower employees to deal with a certain level of risk.”

Challenges and risks

The independent survey, which quizzed 925 IT professionals from a range of business types and sizes globally, highlighted the security management challenges and employee cybersecurity risk when working remotely.

The research revealed two core problems causing risk: employees having access to critical data, and not enough training being provided on how to manage cybersecurity or how to reduce the risk of a cyber attack or breach.

Hofmann commented: “Increasing remote working cybersecurity measures is particularly important in the current climate, as cybercriminals are becoming smarter and using remote working to their advantage. We’ve seen an increase in smartphone attacks as hackers understand that both personal and professional data can likely be accessed as people can, and often do, carry out work on personal devices.”

Remote working security issues

Lack of knowledge amplifies risk

The study also highlighted a lack of understanding, confidence and knowledge around cybersecurity from employees when working remotely. Nearly half (43%) of IT professionals rate their confidence in their remote security measures as ‘moderate’ or worse, with the survey also finding that ‘uncontrolled file sharing’ was a common source of cybersecurity incidents (16%).

Organisations can reduce risks associated with cybersecurity by increasing education and training. Basic training could improve matters significantly: Hornetsecurity’s Security Awareness Training, for example, helps firms to strengthen their human firewall.

Use of endpoint management

Having strong systems in place to protect employees is essential. The study found that the main sources of cybersecurity incidents were compromised endpoints (28%) and compromised credentials (28%). In addition, 15% said that employees use their own devices with some endpoint configuration for remote work. It’s clear that having both security awareness training and investment in endpoint management systems are vital to have robust remote cybersecurity for organizations.

Hofmann concluded: “To tackle the knowledge gap, training such as our end user Cyber Security Awareness Training helps ensure attackers are less likely to carry out a successful breach when trying to exploit employees. This and endpoint management, are the two basic steps in reducing remote working risks.”

About Hornetsecurity

Hornetsecurity is the leading security and backup solution provider for Microsoft 365. Its flagship product is the most extensive cloud security solution for Microsoft 365 on the market, providing robust, comprehensive, award-winning protection: Spam and virus filtering, protection against phishing and ransomware, legally compliant archiving and encryption, advanced threat protection, email continuity, signatures and disclaimers. It’s an all-in-one security package that even includes backup and recovery for all data in Microsoft 365 and users’ endpoints.

 Hornetsecurity Inc. is based in Pittsburgh, PA with other North America offices in Washington D.C. and Montreal, Canada. Globally, Hornetsecurity operates in more than 30 countries through its international distribution network. Its premium services are used by 50,000+ customers including Swisscom, Telefónica, KONICA MINOLTA, LVM Versicherung, and CLAAS.

Media enquiries

• Signings cover significant expansion in Philippines, Saudi Arabia, Poland, Czech Republic, Gulf States, Emirates, Middle East, North Africa, Cyprus and Turkey
• Expansion provides improved backup and recovery services increasing the use of 365 Total Protection suite and 365 Total Backup from Hornetsecurity
• Email cloud security and compliance added to mix in APAC with the expansion of Datastor Australia’s portfolio

Pittsburgh, PA (November 22, 2022 ) – Global email security and backup provider, Hornetsecurity, has today announced a major push into several different regions across the world, with the signing of new distributors and partnerships. This further expands Hornetsecurity’s established presence in Europe, the US and LATAM.

In the Philippines and Saudi Arabia, the signing of distributors WSI and S2 will see Hornetsecurity’s capabilities support even more businesses in limiting cybersecurity issues. EMT have been appointed as distributors of Hornetsecurity solutions in the Middle East. In Eastern Europe, software distributors ED&R Polska in Poland and  PBCom in the Czech Republic have been selected due to their significant Microsoft presence. In Australia, Datastor Australia has expanded its portfolio from Altaro backup solutions for Microsoft 365 to the full range of Hornetsecurity cyber solutions, adding email cloud security and compliance into the mix.

These agreements, covering more than 10 countries, will take Hornetsecurity’s flagship 365 Total Protection suite and 365 Total Backup far deeper into their respective Microsoft communities.

Colin Wright, VP, ROW, Hornetsecurity, commented: “In signing these agreements, we have made a significant expansion commitment into APAC and Eastern Europe. Microsoft retains significant dominance in the region, so it makes sense that our complementary next-gen email security, backup and compliance solutions should grow alongside as the number one third-party provider. To date, we’ve focused largely on Western Europe and the Americas, but now we have a dedicated team to roll out Hornetsecurity into APAC and we are finding initial demand really exciting.”

Hazel Escanlar, General Manager WSI, commented: “We’re one of the leading distributors in the Philippines, and we’ve taken the decision to expand our cybersecurity portfolio with Hornetsecurity because of its alternate stance on becoming the number one end-to-end supplier of cybersecurity and set-and-forget backups for Microsoft for SMBs, and all controlled from one easy-to-use control panel for those offering managed services. With Hornetsecurity, it’s all about convenience and flexibility to give MSPs peace of mind while reducing their demands on time.”

From a partner perspective, 365 Total Backup enables managed service providers (MSPs) and value-added resellers (VARs) to provide backup and recovery services for Microsoft 365 mailboxes, Teams, OneDrive, and SharePoint. They can easily take backups and manage them through a multi-tenant, cloud-based control panel. 365 Total Protection Enterprise Backup combines this functionality with state-of-the-art email security that protects against spam, viruses, phishing and ransomware; as well as providing Advanced Threat Protection (ATP), email signatures and disclaimers, automated email continuity and legally compliant email archiving.

Daniel Hofmann, CEO, Hornetsecurity, explained: “Through these new appointments, we can offer a great market opportunity to more partners globally. They can now bring their customers to Microsoft 365 in a secure, safe and compliant mode, through our next-gen solutions. We also provide them with the unique benefit of being able to back up the data shared via User Chats in Microsoft Teams as well as Group Channel Conversations, something other vendors are not able to do. This strong market position gives our partners a compelling advantage.”

About Hornetsecurity

Hornetsecurity is the leading security and backup solution provider for Microsoft 365. Its flagship product is the most extensive cloud security solution for Microsoft 365 on the market, providing robust, comprehensive, award-winning protection: Spam and virus filtering, protection against phishing and ransomware, legally compliant archiving and encryption, advanced threat protection, email continuity, signatures and disclaimers. It’s an all-in-one security package that even includes backup and recovery for all data in Microsoft 365 and users’ endpoints.

Hornetsecurity Inc. is based in Pittsburgh, PA with other North America offices in Washington D.C. and Montreal, Canada. Globally, Hornetsecurity operates in more than 30 countries through its international distribution network. Its premium services are used by 50,000+ customers including Swisscom, Telefónica, KONICA MINOLTA, LVM Versicherung, and CLAAS.

Media enquiries

Please contact us on press@hornetsecurity.com.

• Cybersecurity experts studied over 25 billion emails for annual report*
• New insights from Hornetsecurity reveal 40.5% of work emails are unwanted
• Phishing ranked the number one email attack technique, at 39.6% of detected attacks

Pittsburgh, PA (November 10, 2022) – New research from cyber security provider Hornetsecurity has revealed that 40.5% of work emails are unwanted. The Cyber Security Report 2023, which analysed more than 25 billion work emails, also reveals significant changes to the nature of cyber-attacks in 2022 – indicating the constant, growing threats to email security, and need for caution in digital workplace communications.

Phishing remains the most common style of email attack, representing 39.6% of detected threats. Threat actors used the following file types sent via email to deliver payloads: Archive files (Zip, 7z, etc.) sent via email make up 28% of threats, down slightly from last year’s 33.6%, with HTML files increasing from 15.3% to 21%, and DOC(X) from 4.8% to 12.7%.

Commenting on the report findings, Hornetsecurity CEO, Daniel Hofmann, said: “This year’s cyber security report shows the steady creep of threats into inboxes around the world. The rise in unwanted emails, now found to be nearly 41%, is putting email users and businesses at significant risk.

“What’s more, our analysis identified both the enduring risk and changing landscape of ransomware attacks – highlighting the need for businesses and their employees to be more vigilant than ever.”

False security of Microsoft Teams

New cybersecurity trends and techniques for organisations to watch out for were also tracked. Since Microsoft disabled macros settings in Office 365, there has been a significant increase in HTML smuggling attacks using embedded LNK or ZIP files to deliver malware.

Microsoft 365 makes it easy to share documents, and end users often overlook the ramifications of how files are shared, as well as the security implications. Hornetsecurity found 25% of respondents were either unsure or assumed that Microsoft365 was immune to ransomware threats.

Hofmann added: “For these attackers, every industry is a target. Companies must therefore ensure comprehensive security awareness training while implementing next-gen preventative measures to ward off threats.”

“Ongoing training should be in place to prevent fraudsters from manipulating the trust people have in Microsoft and other office systems, and to counteract the psychological tricks applied by attackers. As usage of cloud services continues to grow and more users turn to MS Teams to share business information, it’s also critical to ensure all data shared via this platform is backed up.”

Shifting targets: brand impersonations

Cyber threats go beyond email and business communication platforms, however.  Brand impersonation attacks continue to rise, even on corporate social media, with LinkedIn growing to 22.4% of detected global brand impersonation threats, an increase of 3.5% compared with last year.

Cybercriminals use platforms like LinkedIn to determine job information and use this to gain access to company resources through social engineering. Organisations and their employees must always exercise caution when receiving work emails – both those that are unwanted, and those that may be from malicious impersonators.

Download the full Cyber Security Report 2023 here.

Hornetsecurity is hosting a Cyber Security Roundtable on 30 November, in which a panel of security experts will discuss the report findings and key strategies to building cyber security resilience in 2023. Learn more and register here.

Notes to Editor:

1. *By reviewing more than 25 billion emails collected over the current reporting period (1 October 2021 – 30 September 2022), the Security Lab has made the following determinations.

About Hornetsecurity

Hornetsecurity  is the leading security and backup solution provider for Microsoft 365. Its flagship product is the most extensive cloud security solution for Microsoft 365 on the market, providing robust, comprehensive, award-winning protection: Spam and virus filtering, protection against phishing and ransomware, legally compliant archiving and encryption, advanced threat protection, email continuity, signatures and disclaimers. It’s an all-in-one security package that even includes backup and recovery for all data in Microsoft 365 and users’ endpoints.

Hornetsecurity Inc. is based in Pittsburgh, PA with other North America offices in Washington D.C. and Montreal, Canada. Globally, Hornetsecurity operates in more than 30 countries through its international distribution network. Its premium services are used by 50,000+ customers including Swisscom, Telefónica, KONICA MINOLTA, LVM Versicherung, and CLAAS.

For any media enquiries, please contact press@hornetsecurity.com.

• Latest Hornetsecurity advancement in cybersecurity provides businesses with automated awareness training
• Best-in-class awareness training comes after a marked increase in cybersecurity risks and attacks in 2022

Pittsburgh, PA (October 24, 2022) – Today, Hornetsecurity launches a next-generation Security Awareness Training, to better equip employees to counter cyber-attacks, building on its international reputation as a cybersecurity leader.

Cyber criminals are constantly innovating and attacks are on the rise: Hornetsecurity’s 2022 Ransomware Report found that 60% of attacks came from phishing attempts. Many attackers exploit human vulnerability to phishing and fraud, so this new training service integrates the human factor into the cybersecurity cycle – bolstering this weaker link in the defence chain.

Systems and tools are only as secure as their users

Even with the best cybersecurity offering in place, there is always room for human error, which is why many cybersecurity insurance providers demand awareness training for employees. The new training from Hornetsecurity highlights the individual’s importance in establishing an organisation’s human firewall – and how essential each and every employee is in corporate cybersecurity, from prevention to protection, to response and recovery. In doing so, it helps companies establish a sustainable security culture.

An easy service that helps build a security mindset

Hornetsecurity’s automated training is innovative in that it is simple, rather than maintenance-intensive, for customers. The Awareness Engine is the technological heart of the Security Awareness product, offering bespoke, needs-based training: each user receives as much training as is necessary. Its Patented Spear Phishing Engine simulates sophisticated attacks to build knowledge of attacks.

To measure progress, it uses the Employee Security Index (ESI®) as an industry-wide unique benchmark, constantly measuring and comparing the organization’s and employee security behaviour.

It is available via subscription licensing, as a standalone service or as an addition to Hornetsecurity’s email security services, such as 365 Total Protection.

Training possible thanks to acquisition of IT-Seal

Hornetsecurity has always seen education as a key part of cybersecurity, providing ebooks, webinars and reports. The acquisition of IT-Seal in May 2022 further expanded Hornetsecurity’s education capabilities. Alongside its established email security and backup and recovery solutions, all aspects of the awareness-prevention-detection cycle are now covered.

Commenting on the Security Awareness Training launch, Daniel Hofmann, Hornetsecurity CEO says: “With cyber-attacks on the rise, it’s increasingly important for organisations to implement a cybersecurity ecosystem that includes education and robust email security functionality for prevention as well as back up for recovery. Our new offering specifically supports and guards against very human vulnerabilities to phishing and other cyber risks.              

“The Security Awareness Training product adds great value to our portfolio, bringing us closer to our goal of being one-stop vendor for next-gen security, backup and compliance for our partners and customers, with a special focus on Microsoft 365. It has already been implemented by global customers, including BMW Group and FC Bayern Munich.

“This is part of a very exciting 2022 and 2023 growth pipeline and we’re looking forward to continuing this momentum.”

For more information, please click here.

About Hornetsecurity

Hornetsecurity is the leading security and backup solution provider for Microsoft 365. Its flagship product is the most extensive cloud security solution for Microsoft 365 on the market, providing robust, comprehensive, award-winning protection: Spam and virus filtering, protection against phishing and ransomware, legally compliant archiving and encryption, advanced threat protection, email continuity, signatures and disclaimers. It’s an all-in-one security package that even includes backup and recovery for all data in Microsoft 365 and users’ endpoints.

Hornetsecurity Inc. is based in Pittsburgh, PA with other North America offices in Washington D.C. and Montreal, Canada. Globally, Hornetsecurity operates in more than 30 countries through its international distribution network. Its premium services are used by 50,000+ customers including Swisscom, Telefónica, KONICA MINOLTA, LVM Versicherung, and CLAAS.

For media inquiries

Please contact us on press@hornetsecurity.com.