How to get email header in outlook and gmail

How to get email header in Outlook:

In Outlook 2016, 2013, or 2010
In an open email message, click the File tab.

On the Info tab, click Properties.

Header information appears in the Internet headers box.

 

In Outlook 2007
Open an email message.

On the Message tab, in the Options group, click the Dialog Box Launcher Icon image .

In the Message Options dialog box, the headers appear in the Internet headers box.

 

How to get email header from Gmail

  1. Log in to Gmail
  2. Open the message you’d like to view headers for.
  3. Click the down arrow next to Reply, at the top of the message pane.
  4. Select Show Original.
  5. A summary of the headers will appear in a new window. To get the full headers, click Download Original.

Note: If you use Gmail with a work or school account and have S/MIME enabled, you can click Download S/MIME Original or Download Decrypted.

 

 

 

 

DOs and DON’Ts to stay safe from Ransomware

Unless you live in a cave, you would definitely know what is a ransomware. It is a malware that is keeping Internet users awake at nights and restless during the day. It does not strike with a warning, and when it does it does not leave without causing a catastrophe.

Ransomware is a malware that takes your data or computer hostage and demands a ransom in exchange. To put it in a little technical manner, once the malware infects a computer, it starts encrypting (converting data into an unreadable form) the stored data (images, videos, documents, music files, game files, etc.). This is followed by a ransom note where the victim is informed about the encryption and the ransom (money) they should pay to get back their data.

We have had bouts of ransomware attacks recently. After WannaCry, which was the biggest ransomware attack in history, we came across the latest Petya Ransomware. This post speaks about this malware in detail and also lists out important safety measures.

In this infographic, we have listed the important dos and don’ts to stay safe from ransomware.

 

Reference by Quickheal ( http://blogs.quickheal.com/dos-donts-stay-safe-ransomware-infographic/ )

Enterprise Identity made easy in G Suite

As an IT administrator, you want to be confident that your users are secure when accessing online services. Millions of G Suite customers already rely on Google Cloud’s identity services to secure their online identities with tools like single sign-on, multi-factor authentication, and mobile device management. However, many G Suite organisations have users who do not require G Suite but still need a secure, online identity.

Introducing Cloud Identity support in G Suite
Today we are happy to announce the availability of a new free Cloud Identity license for G Suite customers, which enables your non-G Suite users to get access to Google Cloud’s identity services. Using Cloud Identity, you can easily create a unified sign-on for all your users across all enterprise cloud apps, set basic mobile device policies, and enforce multi-factor authentication with security keys.

Once you enable Cloud Identity in your Google Admin console, you will be able to create Cloud Identity users in all the ways you create G Suite users; the only difference is that you will not assign these users a G Suite license.

Cloud Identity header

Try it today 
To start using Cloud Identity, head to the Billing page in the Google Admin console. Here you will see a new Cloud Identity card under the “Enable Products” section. Once you enable the Cloud Identity subscription, you will be able to start creating free users without G Suite. For more information, check out our Getting Started Guide for G Suite admins.

Launch Details
Release track:
Launching to both Rapid Release and Scheduled Release
Note: If your domain has been provisioned or you have a billing relationship with a GSuite reseller, an onboarding flow is planned so that your reseller can add Cloud Identity subscriptions to your G Suite domain. This feature will launch in the coming weeks.

Editions:
Available to G Suite Basic, Business, and Enterprise edition domains

Rollout pace:
Gradual rollout (up to 7 days for feature visibility)

Impact:
Admins only

 

Reference by Google.com

Project Fi now available for G Suite customers

With Project Fi, we aim to provide a wireless service that helps you get a high-quality connection wherever you areat home, on the go, or even abroad. We’ve designed the service to intelligently shift between networks so you’re always connected to the best available signal, whether that’s Wi-Fi or one of our three 4G LTE partner networks.

While Project Fi had been available to users with @gmail.com addresses, starting today we’re making G Suite compatible with Project Fi, allowing users (currently US only) to sign up with their G Suite accounts (e.g. you@yourdomain.com). Project Fi is off by default, so G Suite admins will need to enable Project Fi in the Admin console.

Note: Project Fi limits group plans to six users; it is not designed for large enterprises.

Check out the Help Center for more information.

Launch Details
Release track: 
Launching to both Rapid release and Scheduled release

Editions: 
Available to all G Suite editions in the US only

Rollout pace: 
Gradual rollout (up to 15 days for feature visibility)

 

Reference by Google.com

G Suite administrators can now provision users to Asana

When auto-provisioning is enabled for a supported third-party application, any users created, modified, or deleted in G Suite are automatically added, edited, or deleted in the third-party application as well. This feature is highly popular with admins, as it removes the overhead of managing users across multiple third-party SaaS applications.

Today we’re adding auto-provisioning support for six new applications: Asana, Dialpad, Freshdesk, Lucidchart, RingCentral, and Smartsheet. We previously launched auto-provisioning support for Box Enterprise, Salesforce Sandbox, Salesforce, Slack, and Workplace by Facebook, bringing the total number of supporting applications to 11.

G Suite Business, Education, and Enterprise customers can enable auto-provisioning for all eight supported applications. G Suite Basic, Government, and Nonprofit customers can configure auto-provisioning for up to three applications from the supported list. For specific details on how to set up auto-provisioning, check out the Help Center.

Launch Details
Release track:
Launching to both Rapid Release and Scheduled Release

Editions:

  • G Suite Basic, Government, and Nonprofit customers can enable auto-provisioning for up to three applications
  • G Suite Education, Business, and Enterprise customers can enable auto-provisioning for all supported applications

Rollout pace:
Gradual rollout (potentially longer than 3 days for feature visibility)

 

Reference by Google.com

How to change host file in Windows

On occasion, you will need to edit the hosts file on your machine. Sometimes because of an attack or prank, and others so that you can simply and freely control access to websites and network traffic.

hosts files have been in use since ARPANET. They were used to resolve hosts names before DNS. hosts files would be massive documents used to aide the network name resolution.

Microsoft kept the hosts file alive in Windows networking which is why it varies very little whether used in Windows, macOS, or Linux. The syntax stays mostly the same across all platforms. Most hosts files will have several entries for loopback. We can use that for the basic example for the typical syntax.

The first part will be the location to redirect the address to, the second part will be the address that you will want to redirect, and the third part is the comment. They can be separated by a space, but for ease of reading are typically separated by one or two tabs.

127.0.0.1 localhosts #loopback

Now let’s look at accessing the hosts files in the different operating systems…

 

Windows 8 or 8.1 or 10

Open notepad using administrator rights.

Once you’ve done so, open up the following file using the File -> Open feature. c:\windows\system32\drivers\etc\hosts. Then you can edit as normal file.

 

Windows 7

To access the hosts file in Windows 7 you can use the following command in the Run Line to open notepad and the file.

notepad c:\windows\system32\drivers\etc\hosts

Once notepad is open you can edit the file. In this example, we will block Facebook. To do this just enter in the following after the # mark.

0.0.0.0 www.facebook.com

Now that you have edited your Hosts file make sure to save it.

 

 

 

 

Beware! The TrickBot Trojan is back

TrickBot Trojan was first identified in mid-2016 and considered similar to the Dyreza banking Trojan. Initially, the payload (the component of a computer virus that executes a malicious activity) was spreading through a malvertising campaign using the Rig Exploit Kit. From our current findings, we have found that TrickBot has changed its propagation technique and is now spreading using the Necurs Botnet (a distributor of many pieces of malware including ransomware). 1) Earlier we had discovered a malspam (malware that is delivered via email messages) campaign that was delivering the TrickBot Trojan. It contained blank emails with no subject line. It had scan_RandomNo.doc as a file attachment [e.g. – SCAN_4744.doc , SCAN_1254.doc] Fig 1. A blank email with SCAN_4744.doc as an attachment. The doc file contains embedded macro and its functionality was similar to that of the Dridex family. 2) Presently, this malspam campaign is now using zip attachments having keywords such as invoice as shown below. Fig 2. Email containing a .zip attachment Invoicepis_RandomNo.zip contains another .zip which has script file with an .wsf extension Fig 3 This .wsf file is executed using Windows ‘wscript.exe’and downloads extension-less encoded file in %temp% folder which is then decoded in the same location as same_file_name.exe. It then copies itself into the‘%appdata%\winapp’ folder. In addition to this, it downloads two additional components such as ‘client_id’ & ‘group_tag’. ‘client_id’ has information such as the name of the victim’s machine, OS version, etc. ‘group_tag’contain value such as ‘mac1’. This Trojan also inject DLLs into the installed browsers of the infected machine to steal information such as usernames, passwords, etc. In addition to this, we have also observed that a few .wsf files received during our analysis of this malspam campaign are spreading a new variant of JAFF ransomware. 3) On 14.06.17, we have observed another malspam campaign delivering TrickBot. Fig 4. Email containing zip as an attachment Fig 5 Emails delivered through this new malspam campaign contain RandomNo.zip having .docm file. .docm has embedded macro which when enabled downloads and installs components of the TrickBot Trojan on the infected machine. Quick Heal Detection 1. Quick Heal has detection for .doc, .wsf and the downloaded payload files. Fig 6 Fig 7 2. Quick Heal Behavioral-based detection successfully detects the malicious activities of TrickBot. Fig 8 Precautionary Measures 1) Avoid opening email attachments received from unknown, unwanted or unexpected sources. 2) Open all Microsoft documents, PDF files, etc., received as email attachments only in ‘Protected View’.

 

Reference by  Quick.com

Gmail admins can now notify internal senders when their email gets quarantined

Through Gmail compliance and routing settings, Gmail administrators can now choose to notify internal senders when their messages get quarantined, depending on your compliance rule.
Below is an example of the email that users will receive when their emails get quarantined:

To enable the feature: In the Admin console where you setup and configure policies to quarantine messages, there is now a checkbox at the bottom to “Notify sender when mail is quarantined (onward delivery only)”. This feature is default off for existing rules, but when you create a new rule, the default is on.

Launch Details
Release track:
Launching to both Rapid release and Scheduled release
Editions:
Available to all G Suite editions
Rollout pace
Gradual rollout (up to 15 days for feature visibility)
Impact:
Admins only

 

Reference by Google.com

Stay away from the Fireball Malware – Update your Antivirus

In its latest advisory, the Indian Computer Emergency Response Team (CERT-In) has warned Internet users of the Fireball malware. This post explains what this virus is all about and how you can stay away from it. What is the Fireball Malware? Fireball is a browser hijacker that attacks the victim’s web browser. It is designed to perform the following activities: Generate fraudulent clicks on advertisements to make money for the attacker Make changes to the default web browser and its settings Download and execute other malware on the infected system Spy on the victim and steal their private information How does Fireball malware spread? Fireball is being distributed with freeware programs. So, when a user installs this freeware, they may also install fireball without even knowing about it. What should be done? If you think you may have installed free software in the past and noticed unusual changes in your web browser or computer, then follow these steps: Run an antivirus scan on your computer Uninstall programs which you don’t recognise. Go to Control Panel > Programs Uninstall browser add-ons (plug-ins, extensions) which you don’t recognise or don’t remember installing Reset your Internet browsers How Quick Heal helps? Quick Heal Antivirus successfully detects and blocks the Fireball malware. It detects it as: Pua.Elex AdWare.ELEX PUP.Elex If your PC is not protected, you may install the trial version of Quick Heal and run its Anti-malware scan. Download Quick Heal – 30 day Free Trial Tips to avoid such malware Avoid installing free software, especially those that do not have verified publishers Do not click on pop-up ads when you visit less popular and unknown websites, particularly those that offer free software download Do not click on links or download attachments in unknown or unexpected emails. Keep your antivirus up-to-date Apply all recommended security updates on your computer. Keep Automatic Updates ON If this post is helpful, share this post with your friends and family.

Reference by Quick Heal

 

 

Watch out for Android Ransomware – It’s rising!

Android-ransomware

It’s not only PC ransomware that you should be worrying about. Android ransomware too is on the rise…

Android ransomware has grown by 200% according to the study done by Quick Heal Security Labs for its Q1 Threat Report.

Click here to read the full report

Android ransomware work in the same fashion like PC ransomware do. The malware can lock your device or encrypt the stored data and demand a ransom to put things back to normal.

Tips to stay safe from Android ransomware

  1. Do not click on links or download attachments received in unknown or unexpected emails.
  2. Do not click on links received in text messages from unknown numbers.
  3. Avoid installing apps from unofficial or third-party sources.
  4. Keep a backup of your important data stored on your phone.

How Quick Heal Mobile Security app helps prevent ransomware and other malware threats

  1. Scans apps while they are being installed on your phone.
  2. Detects security vulnerabilities that might exist in the apps installed on your phone.
  3. Background scans inspects every downloaded app to ensure it is safe.
  4. The app receives automatic virus updates that help protect your phone from the latest viruses and malware.
  5. The app reviews the security level of your device and helps you keep it strong.

Reference by Quick Heal