New Threat Research from Mimecast: The ROPEMAKER Exploit

Blog Post created by user.v1YcBgOpe0 Employee on Aug 22, 2017

Matthew Gardiner is a Senior Product Marketing Manager at Mimecast and is currently focused on email security, phishing, malware, and cloud security.


How do you get ahead of cyber attackers? For the most part, security defenders, such as Mimecast, spend a lot of time reacting to the latest tools and techniques used by cybercriminals. In fencing terms, they lunge, and we parry on behalf of our customers. And then sometime later they lunge again...and we parry again. 


With a network of tens of thousands of customers and billions of emails a month, we see a lot of stuff. One time it is a new flavor of ransomware sent as an attachment, and the next it is a malicious URL meant to harvest your users' credentials. And 'round and 'round it goes..and goes.


However, anyone who follows hockey knows that one of the best techniques to win is to skate to where the puck is going and not to where it currently is. In the context of security, that means continuously conducting, periodically reporting on, and quickly updating defenses based on threat research that is ahead of the attackers. Now we lunge and they parry (perhaps). Today, we have done just that.


Read about the newly disclosed ROPEMAKER email exploit that Mimecast has just brought public via this blog and the associated deep-dive paper


You can also learn more about the security control we have added to TTP - URL Protect to help defend against an attack that might try and leverage this technique.


I encourage your questions and comments!