Hornetsecurity Blog

Get regular updates from the world of cloud security

In our blog, the Hornetsecurity team – especially the experts from the Security Lab – regularly report on IT security topics as well as on current innovations and events at Hornetsecurity.

Emotet Botnet Takedown

Emotet Botnet Takedown

On 2021-01-27 it was announced by Europol that an international worldwide coordinated law enforcement and judicial action has disrupted the Emotet botnet and investigators have taken control of Emotet’s infrastructure. If successful this could mean the end of Emotet, its botnet, malspam, and malware loader operation. While the situation is still developing, we can confirm that the Emotet botnet infrastructure is disrupted. Victims will be notified by responsible country CERTs and should take appropriate actions to clean their Emotet malware and secondary malware infections to prevent still active malware that was downloaded by Emotet to deploy ransomware.
Hornetsecurity included in ‚Secure Email Gateway – Market Quadrant 2020‘

Hornetsecurity included in ‚Secure Email Gateway – Market Quadrant 2020‘

Most cyber attacks hit businesses via email, so it is extremely important to choose the right security solution. The new ‘Secure Email Gateway – Market Quadrant 2020’ from Radicati Group, which can be downloaded free of charge, provides helpful guidance. Hornetsecurity is highlighted in the market analysis as an innovative ‘Trail Blazer’ that stirs up the market with new technologies…
QakBot reducing its on disk artifacts

QakBot reducing its on disk artifacts

QakBot has been updated with more evasion techniques. QakBot’s configuration is now stored in a registry key instead of a file. The run key for persistence is not permanently present in the registry but only written right before shutdown or reboot, and deleted immediately after QakBot is executed again. QakBot’s executable is also not stored permanently on the file system anymore, but similarly to the run key registry entry, dropped onto the file system before reboots and deleted afterwards. This way security software can only detect QakBot artifacts on disk, right before system shutdown, and shortly after system boot. However, at that time security software itself is shutting down and booting up, hence may not detect QakBot’s new persistence method.
Hornetsecurity included in Gartner’s 2020 Market Guide for Email Security

Hornetsecurity included in Gartner’s 2020 Market Guide for Email Security

The new Market Guide for Email Security from leading research and advisory company Gartner has listed Hornetsecurity as Representative Vendor. With the Gartner Market Guide for Email Security, analysts Mark Harris, Peter Firstbrook and Ravisha Chugh provide comprehensive guidance on how to set up email security to meet changing circumstances. Especially because of the dramatic increase of phishing attacks, the rise of business email compromise (BEC) and the ongoing migration to cloud security, security managers need to ensure that the solutions they choose are appropriate….

Sign Up Hornet News

The new Cyberthreat Report

Brand new – 2nd Cyberthreat Report in 2020

The brand new Cyberthreat Report tells you all about current cyberthreats and gives you access to exclusive numbers and statistics.

 

Cyberthreat Report

» Download