MailGuard Dec 15, 2023 2:33:39 PM 14 MIN READ

Navigating the Cyber Storm: a Glance at Some Recent Updates Ahead of 2024

Technology has never been more central to our ways of living, connecting, and transacting, while the digital landscape has become both a haven and a battleground. The rise of cyber threats poses significant risks to individuals and organizations alike, making cybersecurity a critical aspect of our digital lives. 

So, as we navigate these turbulent times, we pause to reflect on all that we are grateful for, and we thank MailGuard’s dev ninjas for a flurry of activity and ongoing innovations in the run home to the end of the year.

Here’s a recap:

 

Email Tracking Enhancements

Whatever the circumstance, the clock is ticking for Admins and partners to find and remediate email threats, or false positives. With these use cases and more in mind, our team remains committed to providing the tools necessary to ensure Admins and partners are up to any challenge.

Mail Transfer Agent (MTA) Improvements

Traceability and tracking of emails are paramount for security and compliance, so MailGuard invested heavily in improvements to its Mail Transfer Agent (MTA) to enhance the user experience and performance. Updates provide for better visibility into the journey of emails through the tracker.

Learn more about how to use the email tracker here:

https://support.mailguard.com.au/hc/en-us/articles/201840190-How-to-use-Email-Tracker 

Backend Tracker Database Enhancements

Speed and efficiency are crucial in security operations (SecOps), so backend tracker database enhancements aim to significantly reduce the time taken to execute a search, and to minimise latency, enabling Admins to work more efficiently.

Learn more about how to use the email tracker here:

https://support.mailguard.com.au/hc/en-us/articles/201840190-How-to-use-Email-Tracker 

 

Quarantine Management Feature Enhancement

A critical task for Admins is the ability to administer email quarantine – to determine if a message should be rejected, quarantined or delivered, and to action it accordingly.

New enhancements specifically bolster quarantine management and streamline processing to make life easier for Admins.

Dedicated Quarantine Release Handler

MailGuard now features a dedicated Quarantine Release Handler to expedite the release of quarantined emails.

In the past, the process of releasing events from email quarantine involved multiple checks before emails could be safely delivered to end users. To address the issue, MailGuard implemented a significant system redesign, streamlining post-processing checks while maintaining the same level of scrutiny.

Read more here for how to release a message from Quarantine:

https://support.mailguard.com.au/hc/en-us/articles/203446024-How-to-release-a-message-from-Quarantine 

Enhanced Quarantine Search – Search By Policy Type

Admins can also now search by policy type in quarantine. The function even works for deleted policies, simplifying email management and retrieval.

 

Policy Upgrades

Continued enhancements to MailGuard’s Encryption Policy

By default, SMTP, the protocol used to send emails, lacks encryption, making email communication vulnerable to various security threats. In many instances, emails are sent without any protection or rely on weak encryption protocols. This leaves email messages exposed to potential man-in-the-middle attacks and eavesdropping by malicious actors during transmission.

MailGuard employs opportunistic TLS, a critical feature that ensures the secure transmission of your emails. This means that MailGuard always initiates email connections using the most secure version of TLS available.

If both the sending and receiving servers support it, we establish a connection with the highest level of encryption. If not, the system automatically negotiates and chooses the strongest TLS cipher that both parties can agree upon.

MailGuard also added further enhancements to its Encryption Policy. It’s a customisable policy that allows partners and administrators to detect and block emails delivered through legacy encryption protocols like TLSv1.0 and TLSv1.1, identifying and addressing encryption weaknesses.

Read more here about ‘How to configure an Encryption policy (TLS)’:

https://support.mailguard.com.au/hc/en-us/articles/16307594112793-How-to-configure-an-Encryption-policy-TLS- 

Advancements to Email Authentication Policies

Email authentication, or email validation as it is otherwise referred to, is crucial to ensure that emails are sent from legitimate sources. It’s especially vital for thwarting phishing and spoofing attacks. MailGuard instituted a new Authentication Policy that provides partners and administrators with the capability to identify and block emails based on failed email authentication, such as SPF or DKIM failures.

Read more here about configuring an SPF/DKIM policy (Authentication policy type):

https://support.mailguard.com.au/hc/en-us/articles/18401549725593-Configuring-an-SPF-DKIM-policy-Authentication-policy-type-

Spear Phishing Policy Upgrades

MailGuard upgraded its bespoke Spear Phishing Policy, enabling the system to detect and combat evolving evasion methods, such as the use of multiple character sets and special characters, more effectively. By continuously improving our defences and by using fuzzy matching techniques, MailGuard is better equipped to protect your organization from advanced and cunning threats.

Read more here about how to configure and manage Spear Phishing policies:

https://support.mailguard.com.au/hc/en-us/articles/4408424394777-How-to-configure-and-manage-Spear-Phishing-policies 

 

.webp Vulnerability

The .webp image format is increasingly prevalent on the internet due to its efficient compression capabilities and support for animations. Typically considered harmless, the image format is now being used as an unsuspected vector for malicious attacks.

The exploit leverages the image processing library within affected applications to execute arbitrary code. An attacker can embed malicious code within a .webp image, which is then executed when the image is opened in a vulnerable application. This effectively gives the attacker complete control over the compromised system, with potentially devastating consequences for users and organizations alike. MailGuard was among the first vendors to identify this new tactic, and customers are actively protected.

 

Partner Administered DKIM and Deferral Alerting

Partners can now administer Deferral Alerts and DKIM Outbound Signing on behalf of customers.

Deferral Alerting allows customers to proactively identify an issue on their destination server, if it is unable to receive emails from MailGuard. Rather than waiting for reports from their users that they are missing emails, they can subscribe to an alert in case their mail server cannot accept emails. Additionally, the count of emails and duration of deferral can be configured to avoid transient issues.

Now partners can subscribe for Deferral Alerts on behalf of their customers, to proactively respond to email delivery issues and ensure that important email communications are reaching their intended recipients without delay.

Partners can manage the settings for deferral alerting for customers in the MailGuard management console.

To learn more about Deferral Alerting, please refer to the MailGuard knowledge base article here:

https://support.mailguard.com.au/hc/en-us/articles/23239734217497-Configuring-Deferral-Alerting-for-your-domains

Similarly, partners can now administer DKIM Outbound Signing on behalf of their customers. It simplifies the process of ensuring email authenticity and protecting against domain spoofing and phishing attacks.

To learn more about DKIM Outbound Signing, please refer to the MailGuard knowledge base article here:

https://support.mailguard.com.au/hc/en-us/articles/12816658278425-Configure-DKIM-signing-for-outbound-email

 

User Experience Upgrades

Backend Console Optimization – Speed & Performance

To boost the speed and performance of the MailGuard management console, the MailGuard team implemented a raft of backend optimizations that result in a smoother and more efficient user experience, allowing Admins to work more effectively.

Enhanced Quarantine Search

With enhancements to quarantine search, Admins now have the capability to search by policy type in Quarantine, even if the policy has been deleted. The update streamlines the process of locating specific emails and simplifies email management.

Refined DKIM Traffic Light Indicators

DKIM traffic light indicators are valued by customers and partners, so our team introduced further measures to fine-tune them, providing better alignment with DKIM status and giving users clearer and more precise information about email authenticity.

 

Email Security Updates

QR Code Detection and Image-only Spam Prevention

A relatively new and emerging trend involves scammers inserting images, and in particular QR codes, into emails, in the hope that an unsuspecting email recipient will click through on the associated URL. The tactic is designed to bypass email filters that routinely scan any links that have been included within the body of an email.

MailGuard introduced updates to prevent image-based spam and QR code-related threats to enhance capabilities and stopping power.

Expanded Encryption Policy

In an era where data privacy is paramount, MailGuard expanded its granular control for an encryption policy release, enabling customers to identify and respond to instances where encryption is lacking through the MailGuard policy set.
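An added example, not MailGuard's code: one way to check whether a message crossed any hop on legacy TLS (TLSv1.0 or TLSv1.1, the versions named under Policy Upgrades) or with no recorded encryption, by reading the TLS annotation that common MTAs write into `Received` headers. The header formats handled, the function names and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string

LEGACY = {"1.0", "1.1"}  # the legacy versions the page names

# Matches "TLSv1.2", "TLS1_2", "TLS1.2" and bare "TLSv1"/"TLS1" (= TLS 1.0);
# does not match cipher names such as "TLS_AES_256_GCM_SHA384".
TLS_RE = re.compile(r"\bTLSv?(\d)(?:[._](\d))?(?!\d)")

# Constructed sample message (documentation hosts and addresses only).
SAMPLE = """\
Received: from gw.example.net (gw.example.net [192.0.2.10])
\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
\tby mx.example.org (Postfix) with ESMTPS id 4ABCD; Fri, 15 Dec 2023 03:33:39 +0000
Received: from old.example.com (old.example.com [198.51.100.7])
\tby gw.example.net with ESMTPS (version=TLS1 cipher=AES128-SHA bits=128/128);
\tFri, 15 Dec 2023 03:33:30 +0000
Received: from app.example.com (localhost [127.0.0.1])
\tby old.example.com with ESMTP id 9XYZ; Fri, 15 Dec 2023 03:33:20 +0000
From: a@example.com
Subject: constructed sample

body
"""

def tls_version(received):
    """Return the 'major.minor' TLS version noted on one Received header, or None."""
    m = TLS_RE.search(received)
    return f"{m.group(1)}.{m.group(2) or '0'}" if m else None

def classify_hops(raw_message):
    """List (receiving host, TLS version, label) per hop, newest hop first."""
    hops = []
    for hdr in message_from_string(raw_message).get_all("Received", []):
        hdr = " ".join(hdr.split())          # unfold continuation lines
        by = re.search(r"\bby\s+(\S+)", hdr)
        ver = tls_version(hdr)
        if ver is None:
            label = "unencrypted-or-unrecorded"
        elif ver in LEGACY:
            label = "legacy"
        else:
            label = "ok"
        hops.append((by.group(1) if by else "?", ver, label))
    return hops
```

Only the `Received` headers stamped by servers you control are trustworthy; the ones beneath them are written by upstream hosts and can be forged.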

Spear Phishing Policy Enhancement

Spear phishing attacks, in which the phishing campaign is designed for and targeted at specific individuals, are becoming increasingly sophisticated, and are often combined with social engineering tactics to make the attack even harder to spot.

MailGuard introduced enhancements to its spear phishing policy to effectively identify newer evasion techniques. This update incorporates fuzzy logic to further bolster MailGuard's ability to detect even the most advanced and cunning threats.
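An added example, not MailGuard's implementation: a display-name impersonation check of the kind the spear phishing passages here and under Policy Upgrades describe, folding mixed character sets and special characters to a skeleton and then fuzzy matching it against protected names. The confusables subset, the names, the addresses and the 0.85 threshold are constructed assumptions.

```python
import unicodedata
from difflib import SequenceMatcher

# Small constructed subset of look-alike characters; a production list
# would be built from Unicode's confusables data (UTS #39).
CONFUSABLES = str.maketrans({
    "\u0430": "a", "\u0435": "e", "\u043e": "o",   # Cyrillic a, e, o
    "\u0440": "p", "\u0441": "c", "\u0445": "x",   # Cyrillic r, s, kh
    "\u03bf": "o",                                  # Greek omicron
    "0": "o", "1": "l", "3": "e", "5": "s",
})

def skeleton(text):
    """Fold a display name to lowercase ASCII-like letters and digits only."""
    decomposed = unicodedata.normalize("NFKD", text)
    base = "".join(c for c in decomposed if not unicodedata.combining(c))
    folded = base.casefold().translate(CONFUSABLES)
    return "".join(c for c in folded if c.isalnum())

def scripts(text):
    """Scripts used by the letters in text (first word of the Unicode name)."""
    return {unicodedata.name(c, "?").split()[0] for c in text if c.isalpha()}

def check_sender(display_name, address, protected, threshold=0.85):
    """Flag a display name that resembles a protected name but uses another address."""
    sk = skeleton(display_name)
    for real_name, real_addr in protected.items():
        score = SequenceMatcher(None, sk, skeleton(real_name)).ratio()
        if score >= threshold and address.lower() != real_addr.lower():
            return {
                "impersonates": real_name,
                "score": round(score, 2),
                "mixed_scripts": len(scripts(display_name)) > 1,
            }
    return None

# Constructed protected-name list: real display name -> legitimate address.
PROTECTED = {"Jane Citizen": "jane.citizen@example.com"}
```

The fuzzy ratio covers what the character map misses: in `C1tizen` the digit folds to `l` rather than `i`, and the name still scores 0.91 against the protected one.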

 

Overcoming Turbulent Times in Cybersecurity

The rapid evolution of technology is revealing new frontiers, but it also paves the way for increasingly sophisticated cyber threats. From ransomware attacks to phishing scams, cybercriminals are employing a myriad of techniques to exploit vulnerabilities and compromise sensitive information. The consequences of a successful cyber attack can be devastating, ranging from financial losses to reputational damage.

As the frequency and severity of cyber attacks continue to escalate, the need for robust cybersecurity solutions has never been more apparent. One of the primary entry points for cyber threats is email, making it crucial for organizations to fortify their defenses against email-based attacks. MailGuard, a frontrunner in the realm of cloud email security, has been at the forefront of developing cutting-edge solutions to address these challenges.

Its latest feature developments and enhancements are in response to the dynamic and ever-changing threat landscape, enhancing its capabilities to safeguard businesses from evolving cyber threats. As new threats and tactics continue to emerge, the importance of staying ahead of the curve cannot be overstated.

Keeping Businesses Safe and Secure

Prevention is always better than a cure, and one of the best defences is to encourage businesses to proactively boost their company’s cyber resilience levels to avoid threats landing in inboxes in the first place. The fact that a staggering 94% of malware attacks are delivered by email makes email an extremely important vector for businesses to fortify.

No one vendor can stop all email threats, so it’s crucial to remind customers that if they are using Microsoft 365, they should also have a third-party email security specialist in place to mitigate their risk, for example a third-party cloud email solution like MailGuard.

MailGuard provides a range of solutions to keep businesses safe, from email filtering to email continuity and archiving solutions. Speak to your customers today to ensure they’re prepared, and get in touch with our team to discuss strengthening your customers’ Microsoft 365 security.

Talk to us

MailGuard's partner blog is a forum to share information; we want it to be a dialogue. Reach out to us and tell us what your customers need so we can serve you better. You can connect with us on social media or call us and speak to one of our consultants.

We’re on Facebook, Twitter and LinkedIn. 
