8 Books to Supercharge Your MSP in 2024
Mesh Blog
by Zoha Khan
1M ago
In honor of Book Lovers Day, we’ve compiled a list of essential reads for Managed Service Providers (MSPs). Sit back, grab a cup of coffee, and pick out your next favorite book. 1. Managed Services in a Month: Build a Successful IT Service Business in 30 Days - 2nd Ed. by Karl W. Palachuk Why You Should Read It: A practical resource for IT professionals transitioning to managed services. This step-by-step book covers everything from creating service offerings and agreements to pricing models and marketing strategies. Designed for both newcomers and experienced technicians, Palachuk provides d ..read more
Visit website
Homoglyph Email Attacks: Understanding and Mitigating the Threat
Mesh Blog
by Zoha Khan
2M ago
A homoglyph attack (also known as homograph attack) is a technique that involves the use of similar letters/ characters to trick users. Homoglyphs are found in many cyber attacks but are particularly dangerous in emails where malicious entities can be disguised as trusted contacts, domains, or brands. Homoglyph Attack Demonstration A homoglyph attack is commonly achieved through the use of different alphabets, for example, using the Cyrillic alphabet instead of Latin.   To help illustrate their effectiveness and for a challenge, can you tell the difference between these two domains? exa ..read more
Visit website
Fake Microsoft Alert Utilized in Credential Harvesting Attack
Mesh Blog
by Zoha Khan
3M ago
A new wave of phishing emails are characterized through a highly obfuscated HTML code. These emails do not contain direct URLs in the email body that link to malicious sites. Instead, they employ an attached HTML file designed to redirect users to phishing pages. This technique not only evades basic email security filters due to the complicated structure of the file but also uses the familiarity of the Microsoft brand to help convince end users of its legitimacy.   Microsoft Alert In Credential Phishing Email Attack   Upon inspection, the HTML attachment reveals code that is heavily ..read more
Visit website
A Hidden Threat: How Mesh Detects QR Code Phishing “Quishing” Video Breakdown.
Mesh Blog
by Guest User
3M ago
Introduction In recent months, there has been a significant rise in QR code phishing attacks, successfully bypassing email filters and leading to compromised mailboxes. Why are QR code, also known as “Quishing,” attacks becoming more popular? These appear harmless as we use QR codes from restaurant menus to airline tickets. However, they are an effective way to hide a malicious threat. The QR code itself can conceal a malicious link, which can appear as a standard image if not actively scanned and parsed. Given the widespread use of scanning QR codes daily by millions of people, receiving one ..read more
Visit website
Phishing Analysis - The Secrets of a HTML File
Mesh Blog
by Paul Rothwell
9M ago
Introduction This article is to provide some insight into the step-by-step process of manually reverse engineering a malicious HTML attachment and how to extract important information. We will look at the different types of reverse engineering, the how, what, and why an attack was carried out, and interesting obfuscation techniques being utilized by threat actors. What is Reverse Engineering? Reverse engineering is the process of analyzing software, typically closed source, to better understand its inner workings. This is achieved by working backwards, whereby the software is disassembled piec ..read more
Visit website
A Hidden Threat: How Mesh Detects QR Code Phishing “Quishing” Video Breakdown.
Mesh Blog
by Paul Rothwell
10M ago
Introduction In recent months, there has been a significant rise in QR code phishing attacks, successfully bypassing email filters and leading to compromised mailboxes. Why are QR code, also known as “Quishing,” attacks becoming more popular? These appear harmless as we use QR codes from restaurant menus to airline tickets. However, they are an effective way to hide a malicious threat. The QR code itself can conceal a malicious link, which can appear as a standard image if not actively scanned and parsed. Given the widespread use of scanning QR codes daily by millions of people, receiving one ..read more
Visit website
Twitter URL Shortening Service Being Utilized in Phishing Campaigns
Mesh Blog
by Guest User
1y ago
Introduction Impersonation of a known brand is a common tactic used in phishing emails. In this type of attack, the attacker poses as a trusted individual or organization in an attempt to gain the victim's trust. Typically, threat actors will use official images and copy the structure of legitimate emails to make the impersonation more convincing. The goal of these emails is to trick the user into clicking a link and sharing credentials. Frequently URL shortening services are used to make malicious URLs seem more trustworthy and harder to detect. In recent weeks we have noticed a trend of new ..read more
Visit website
Fingerprinting & Fuzzy Hashing Explained
Mesh Blog
by Guest User
1y ago
Introduction Humans can easily tell when two things are visually similar, however, for a computer this task is not as straightforward. In recent years we have seen an uptick in new technology, such as computer vision, that are extremely promising. Computer vision is closing the gap between human and machine at an astonishing pace, as a result, companies are leveraging its powerful capabilities for a variety of purpose. While impressive and feeling like a solution to a variety of problems, there are some limitations. Deploying at scale is very resource intensive in both monetary and physical te ..read more
Visit website
Attack Stories: A Sustained & Targeted BEC Campaign On A Manufacturing Company
Mesh Blog
by Callan Price
2y ago
Reading Bakery Sytems, Pennsylvania, USA What is Business Email Compromise (BEC) Business email compromise (BEC) — also known as Email Account Compromise (EAC) — is one of the most financially damaging online crimes. These are emails that appear to come from a known or trusted source making a legitimate request. These impersonation attempts typically take the form of: A vendor or supplier requesting a payment A high-ranking exec requesting a purchase or some kind of financial transaction An employee requesting a change to their payroll information. BEC scams are often highly researche ..read more
Visit website
3 Key advantages Mesh Offers MSPs Over Microsoft 365
Mesh Blog
by Brian Byrne
2y ago
It’s one of the most frequently asked questions we hear from MSPs - “why should I use Mesh when my clients have EOP or Microsoft Defender?” Leaving the detection benefits aside for another day, here are 3 key advantages Mesh offers MSPs over using EOP or Defender from Microsoft. 1 - Message Tracing & Response Most MSPs receive several tickets each day relating to emails - usually from users who cannot find an email or, whom have received a suspicious email they wish to query with you. In both scenarios, the MSP response is similar. Login to the client’s tenancy and use the Message Trace fu ..read more
Visit website

Follow Mesh Blog on FeedSpot

Continue with Google
Continue with Apple
OR