Community Discussions

Recent Discussions

Building a Realistic and Global Phishing Simulation Library
In today’s digital landscape, phishing attacks remain one of the most persistent threats to individuals and organizations alike. To empower security teams with robust simulation tools that reflect the evolving tactics of cybercriminals, our team embarked on a project to develop a comprehensive set of phishing templates.…
10 Emerging Cyber Threats To Watch Closely In 2026
Good day Community - I found this article in Cyber Management Alliance and wanted to share it and get your thoughts: no surprise AI is on the list 😎 "Emerging cyber threats are racing through blind spots that didn’t even exist a year ago. What used to be a “rare exploit” is now a Tuesday afternoon. And the problem is that…
The Impact of New Outlook on Mimecast Products: What You Need to Know
Microsoft's New Outlook represents a significant shift in how organizations interact with their email systems. This transition has important implications for Mimecast customers using products like Large File Send, Secure Messaging, Continuity, and Cybergraph. Let us explore what these changes mean and how to navigate them…
URL Pre Scanning Available Now!
Stop Malicious URLs Before They Reach Your Users Inbox Email security is evolving, and Mimecast is leading the charge with a fundamental shift in how we protect your organization from URL-based threats. We're excited to announce URL Pre-Delivery Scan—a capability that transforms our approach from reactive protection to…
Mimecast Global Threat Intelligence Report – Policy Recommendations
Essential Mimecast Configurations Based on 2025 Global Threat IntelligenceThe cybersecurity landscape continues to evolve at breakneck speed, and our 2025 Global Threat Intelligence Report reveals concerning trends that demand immediate attention. Advanced business email compromise attacks are becoming more sophisticated,…
Services Australia Impersonation Drives Year-Round Credential Theft Operation : 17 October 2025
Key Points MCTO3001 - Threat operation with Services Australia and Centrelink impersonation campaigns across multiple sectors Infrastructure abuse of legitimate email services (SendGrid, Mailgun, Office 365) with Australian Gov display name Campaign objective: Credential harvesting and data theft through government…
Conflict-Themed Social Engineering Distributes RATs Across Eastern Europe : 17 October 2025
Key Points MCTO1025 also referred to as UCA- 0050 a cybercrime group conducting sustained year-long campaign targeting Ukraine, Romania, and Moldova from single ASN infrastructure Sophisticated social engineering campaigns impersonating Ukrainian and Russian security services, evacuation plans, and military mobilization…
SharePoint File Sharing Abuse with CAPTCHA Evasion : 17 October 2025
Key Points Threat actors exploiting SharePoint file sharing services for credential harvesting Multi-stage attack chain using compromised accounts and sophisticated evasion techniques Campaigns require Ctrl+Click interaction to bypass automated security analysis Fake Cloudflare CAPTCHA verification preceding Microsoft 365…
HR-Themed campaign Shifts from Credentials to RMM Tools : 17 October 2025
Key Points Long-running credential harvesting operation conducted by MCTO3022 targeting organizations with HR department impersonation Campaigns employ employee handbook compliance requirements and payroll authorization requests Latest campaign evolution includes Adobe PDF Sign impersonation that drops PDQConnect RMM tools…
HTML Tag Obfuscation : 21 July 2025
Key Points Threat actors utilizing HTML tag obfuscation to evade email security detection CSS styling techniques render malicious content evading security solutions while appearing legitimate to end users Brand impersonation campaigns leveraging Microsoft copyright obfuscation Campaign Overview The Mimecast Threat Research…
Has anyone been impacted by today's AWS outage?
Amazon Web Services outage hits major websites: What we know so far as recovery begins:From CNBC: https://www.cnbc.com/2025/10/20/amazon-web-services-outage-takes-down-major-websites.html
IT workers in video game space need to be aware of security risks, solutions
Chris Anley, a chief scientist with research firm NCC Group, told IT Brew that security issues in games run the gamut from platform-related concerns like social engineering to standard cyberattacks like ransomware. Those threats aren’t ignored, even if they’re not front-and-center for the IT pros and developers working on…
Let's discuss AI browsers
AI is here to stay, and I am sure many of you are utilizing it to increase productivity and streamline data analysis. Here are some highlights from an article in IT Brew: AI browsers are here, and so are attackers. From the article: "A browser powered by agentic AI could take care of buying plane tickets, setting…
Where Are You Searching?
Good day Community, We work continuously to make Mimecast Community a valuable resource for product education and support to make you productive. Because we strive to improve your experience, I would like to learn what resources you are using outside of Mimecast Community or the Knowledge Hub for product questions. Google…
CometJacking: One Click Can Turn Perplexity's Comet AI Browser Into a Data Thief
AI is here to stay, and Perplexity has launched its new browser, Comet. Before you download it or if you are using it, please see this article from The Hacker News: https://thehackernews.com/2025/10/cometjacking-one-click-can-turn.html Please share your thoughts on AI Browsers below. Cheers, Toby
Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks
Threat actors are abusing HTTP client tools like Axios in conjunction with Microsoft's Direct Send feature to form a "highly efficient attack pipeline" in recent phishing campaigns, according to new findings from ReliaQuest. "Axios user agent activity surged 241% from June to August 2025, dwarfing the 85% growth of all…
Turn Security Data into Strategic Value with the Mimecast Human Risk Insights Report
Security leaders face a persistent challenge: demonstrating the tangible value of cybersecurity investments to executive leadership and boards. While threat detection numbers pile up in dashboards, translating those statistics into meaningful impact remains complex. We’re excited to announce the Mimecast Human Risk…
Adaptive Policies in Action
In our previous post, we explored the Human Risk Command Center (HRCC) and how it transforms abstract human behavior into quantifiable metrics. Now we're diving deep into adaptive policies—the intelligent controls that automatically adjust security measures based on user behavior and organizational threats. Read…
LinkedIn Article: Your AI Guide - Practical, hands-on AI tips and tools
Good day all, I found this newsletter discussing AI on LinkedIn and wanted to share. https://www.linkedin.com/newsletters/your-ai-guide-7322614464896192512/ What are tools and resourses you are using to learn about and best utilize AI in your role? Cheers, Toby
Welcome to The Lounge
We spend so much time focused on products and solutions, let's connect on a more personal level; think of this as a casual coffee chat. What are your favorite things to do after hours? What’s a song or band you’ve had on repeat lately? Is there a must-watch show or movie you’re bingeing that you think we’d all love? Or…