According to Verizon 2012 Data Breach Investigation Report, about 80% of all victims of malware attacks are targets of opportunity. With 94% of data compromised involving servers, it is essential to pay attention to server security. And as email is one of the tools that is used on a daily basis in any business, email security is of utmost importance.
A lot of attacks have used the Blackhole exploit URLs. According to the Threat Report H1/2012 by F-Secure Labs, as many as 1 out of 25 emails contain spam with such a malicious URL which is intended to deliver a malicious payload to a victim’s computer. The Blackhole exploit kit targets vulnerabilities in the operating system, old versions of browsers such as Firefox, Google Chrome, Internet Explorer and Safari as well as many popular plugins like Adobe Flash, Adobe Acrobat and Java.
As normal spam filtering may not catch these kind of threats, it is important to understand the new forms of the spam emails. Ordinary spam definition updates are too slow and usually do not protect you from the Blackhole exploits, so Real-time URL reputation check is a must to have.
Windows and Java continue to be the most popular targets. F-Secure Threat Report H2/2012 states that a vast majority of exploit attacks in general relate to four commonly known vulnerabilities in Windows or Java, and all of these already have security patches.
With this in mind, it is essential to protect servers and email efficiently enough from attack.
F-Secure E-mail and Server Security solution uses the same awarded DeepGuard technology as Client Security, which has been given the Approved Corporate Endpoint Protection certificate by AV-Test. Check out the latest supported platforms on our Downloads page.
E-mail and Server Security was the first product launch for which I was responsible for on the marketing side here at F-Secure. And this is my first blog post in Save and Savvy as well! Time seems to have been flying since I joined the company at the beginning of March, there are so many interesting things going on.
Malware is an omniscient threat – it’s present even when people don’t realize it. Understanding the threat is a key component of protecting yourself and your devices, and nothing drives that point home like cold hard facts and comprehensive research. F-Secure just released its latest Threat Report, which provides important insights into contemporary digital threats. The report details the various changes and trends in the digital threat landscape using data collected during the 2nd half of 2014. The threat report is full of important information, and it’s worth checking out to get some ideas about what attackers are cooking up. Trends like social media malware, exploits, and ransomware are detailed in the report. But there’s tons of important information people should be aware of, and so we put together an infographic to give you a quick overview of the report. The report provides lots more information about the threats, incidents, and trends that were prominent in the latter half of 2014. There's also some insightful words penned by F-Secure security researchers to give you a little context about why you need to arm yourself with knowledge to defend yourself against digital threats. You can download the full threat report for free from F-Secure’s website.
For this year's World Day against Cyber Censorship, F-Secure is giving away free subscriptions for our one-button Freedome app. You can use the key qsf257 to get a free 3-month subscription to Freedome! Freedom of expression is an important issue for everyone. Developments over the past year have highlighted how sensitive the matter is. It transcends national and cultural borders, yet these borders shape the issue differently for people across the globe. It belongs to us all, but it means different things to different people. Reporters without Borders launched the World Day against Cyber Censorship in 2008. Its intent is to raise awareness that our rights to say what we really think are not something to take for granted. Free speech is a dynamic concept that constantly grows and contracts in the face of developments that threaten its growth. While the Internet has given many people across the globe a powerful new voice, there are always threats mobilizing against this invaluable resource. The World Day against Cyber Censorship draws attention to this struggle. Last year Reporters without Borders compiled a list of what they call “Enemies of the Internet” as part of the annual event. If you look through it you’ll notice a diverse list of government agencies from nations across the world. Many of the events that highlight the fragility of our digital freedoms are attributable to these institutions, such as the Gemalto hack that saw the encryption keys to millions of phone calls stolen by the NSA and its fellow conspirators. And in some cases surveillance is just the beginning, as once these institutions identify their targets they can escalate their actions to include oppression. Hong Kong protestors saw this when local pro-democracy websites became infected with malware. Turkish people saw this during the Twitter crackdown. Drawing attention to these agencies as “enemies” of the Internet places the struggle within a larger dichotomy – enemies and allies. Even if it is a bit of a cliché or oversimplification of the conflict, it points out that people still have an opportunity to mobilize and assert their rights. And nobody is alone in this fight - we all have enemies and allies in this struggle. Having said all of this, World Day against Cyber Censorship isn't all about doom-and-gloom. Reporters without Borders is working to circumvent a number of websites blocked by governments. The Electronic Frontier Foundation continues to work to inform, educate, and represent the voices crying out for a free and open Internet. And F-Secure wants to help by making privacy and security solutions easy and accessible for people all over the world. Just get your trial version of the app and then use the key when it asks for your subscription number. Freedome gives you a one-button app that lets you encrypt your communications, disable trackers, and even change your virtual location. Check out this blog post for more information about the app. It's first come first serve, so don't miss this chance to take control of your digital freedom!
This year’s Mobile World Congress (MWC) is coming up next week. The annual Barcelona-based tech expo features the latest news in mobile technologies. One of the biggest issues of the past year has enticed our own digital freedom fighter Mikko Hypponen to participate in the event. Hypponen, a well-known advocate of digital freedom, has been defending the Internet and its users from digital threats for almost 25 years. He’s appearing at this year’s MWC on Monday, March 2 for a conference session called “Ensuring User-Centred Privacy in a Connected World”. The panel will discuss and debate different ways to ensure privacy doesn’t become a thing of the past. While Hypponen sees today’s technologies as having immeasurable benefits for us all, he’s become an outspoken critic of what he sees as what’s “going wrong in the online world”. He’s spoken prominently about a range of these issues in the past year, and been interviewed on topics as diverse as new malware and cybersecurity threats, mass surveillance and digital privacy, and the potential abuses of emerging technologies (such as the Internet of Things). The session will feature Hypponen and five other panelists. But, since the event is open to public discussion on Twitter under the #MWC15PRIV hashtag, you can contribute to the conversation. Here’s three talking points to help you get started: Security in a mobile world A recent story broken by The Intercept describes how the American and British governments hacked Gemalto, the largest SIM card manufacturer in the world. In doing so, they obtained the encryption keys that secure mobile phone calls across the globe. You can read a recent blog post about it here if you’re interested in more information about how this event might shape the discussion. Keeping safe online It recently came to light that an adware program called “Superfish” contains a security flaw that allows hackers to impersonate shopping, banking, or other websites. These “man-in-the-middle” attacks can be quite serious and trick people into sharing personal data with criminals. The incident highlights the importance of making sure people can trust their devices. And the fact that Superfish comes pre-installed on notebooks from the world’s largest PC manufacturer makes it worth discussing sooner rather than later. Privacy and the Internet of Things Samsung recently warned people to be aware when discussing personal information in front of their Smart TVs. You can get the details from this blog post, but basically the Smart TVs voice activation technology can apparently listen to what people are saying and even share the information with third parties. As more devices become “smart”, will we have to become smarter about what we say and do around them? The session is scheduled to run from 16:00 – 17:30 (CET), so don’t miss this chance to join the fight for digital freedom at the MWC. [Image by Hubert Burda Media | Flickr]