Differences

This shows you the differences between two versions of the page.

public:emai:malware [2023-03-09 09:42] vesely → public:emai:malware [2023-03-09 12:11] vesely
Line 12: Line 12:
  
 **The generously opened and heterogeneous nature of the academic and research institution is extremely vulnerable to such kind of threat.** Regular enterprises and other profit-making businesses are usually much more homogenous with much simpler rules and measures against the third parties (no IMAP, no access to emails from non-business devices, strict mobile device management, blocked or limited traffic etc.). **The generously opened and heterogeneous nature of the academic and research institution is extremely vulnerable to such kind of threat.** Regular enterprises and other profit-making businesses are usually much more homogenous with much simpler rules and measures against the third parties (no IMAP, no access to emails from non-business devices, strict mobile device management, blocked or limited traffic etc.).
- + <font inherit/inherit;;#f39c12;;inherit>**Both areas**</font>  of 
-Both areas of malicious or potentially problematic emails and regular emails are overlapping; it is not easy to distinguish between them sometimes.+ <font inherit/inherit;;#c0392b;;inherit>**malicious or potentially problematic emails**</font>  and 
 + <font inherit/inherit;;#339933;;inherit>**regular emails**</font>  ** <font inherit/inherit;;#f39c12;;inherit>are overlapping</font> **; it is not easy to distinguish between them sometimes.
  
 **The most dangerous threats are usually those of the "zero day attack" nature**; they usually take advantage of badly protected or misprotected email servers and domains so they can mimic the regular sender.\\ **The most dangerous threats are usually those of the "zero day attack" nature**; they usually take advantage of badly protected or misprotected email servers and domains so they can mimic the regular sender.\\
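Review bot: The three added lines carry their meaning by colour alone (#c0392b on "malicious or potentially problematic emails", #339933 on "regular emails", #f39c12 on "Both areas" and "are overlapping"), and nothing in the visible text says what the colours stand for; a one-line legend, or emphasis in bold only, would keep the sentence readable where colour is not rendered or not distinguishable. The bold markers are also nested inconsistently: the first three phrases use `<font ...>**text**</font>`, while the last uses `** <font ...>are overlapping</font> **` with padding spaces inside the `**`. Using one nesting order throughout and checking the rendered output would avoid a stray-asterisk surprise. The wording of the sentence is unchanged from the removed line, so this hunk is presentation only.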
Line 43: Line 44:
   * [[:public:emai:malware#bad_dmarc|Bad DMARC]] -   * [[:public:emai:malware#bad_dmarc|Bad DMARC]] -
  <font inherit/inherit;;#f39c12;;inherit>[Bad DMARC]</font>  - the sender's domain does not have DMARC record and SPF set properly.  <font inherit/inherit;;#f39c12;;inherit>[Bad DMARC]</font>  - the sender's domain does not have DMARC record and SPF set properly.
-  * [[:public:emai:malware#bad_dmarc|Bad ARC]] -+  * [[:public:emai:malware#arc|Bad ARC]] -
  <font inherit/inherit;;#f39c12;;inherit>[Suspicious - bad ARC]</font>  - the sender's email has ARC Seal but it's validation did not succed (e.g. invalid calculated email hash).  <font inherit/inherit;;#f39c12;;inherit>[Suspicious - bad ARC]</font>  - the sender's email has ARC Seal but it's validation did not succed (e.g. invalid calculated email hash).
   * [[:public:emai:malware#ip_reputation_database_-_dnsbl|DNSBL listed]] -   * [[:public:emai:malware#ip_reputation_database_-_dnsbl|DNSBL listed]] -
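Review bot: The new link target `#arc` on the "Bad ARC" bullet does not follow the pattern of its neighbour, where "Bad DMARC" links to `#bad_dmarc`, so it is worth confirming that the page really has a heading whose generated id is `arc` and not `bad_arc`; the old target `#bad_dmarc` was clearly a copy-paste slip, but a wrong anchor on the new side would fail just as silently. Since this entry is being touched anyway, the description line under it still reads "it's validation did not succed", which should be "its validation did not succeed".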
  • /var/www/html/dokuwiki/data/pages/public/emai/malware.txt
  • Last modified: 2023-03-09 12:13
  • by vesely