Event log with filtering capabilities to conveniently search and export events to a CSV file for further analysis.
Improved mechanism for detecting sophisticated attacks aimed at compromising corporate correspondence (such as BEC attacks and Active Directory spoofing attacks).
A type of attack based on the falsification (spoofing) of transmitted data. Spoofing may be aimed at obtaining elevated privileges, primarily through bypassing the verification mechanism by generating a request similar to an authentic request. One variant of spoofing is to forge an HTTP header to gain access to hidden content.
The goal of spoofing may also be to deceive a user. A classic example of such an attack is the falsification of the sender's address in emails.
Business Email Compromise (BEC) refers to fraudulent business correspondence for the purpose of committing financial fraud, acquiring confidential information, or undermining the reputation of a company. A BEC attack normally involves an entire sequence of actions that ultimately provide hackers with the opportunity to begin correspondence with an employee of a company, gain that employee's trust through the use of social engineering techniques, and persuade the employee to perform actions that conflict with the interests of the company and/or its customers.
Added Kaspersky URL Advisor module in message processing rules to detect malicious links, adware links and legitimate software links, and distinguish them from phishing links.
Added spam detection technology based on recognition of spoofed domains (look-alike).
Upgraded operating system preinstalled in the ISO image and updated Mail Transfer Agent (MTA).