Announcement: New Knowledge Base

4 June 2020: We are pleased to announce the launch of a new Knowledge Base, Changelogs for Business Security Products, where you can find more details, such as bugfixes or new features, about the most recent releases of our business-related products.

Update to Rapid Detection & Response email messaging service

Rapid Detection & Response (RDR) email messaging service will be updated March 16th 2020.

After the email messaging service update content body will be base64 encoded compared to existing plain text.

Base64 encoded message content can easily be decoded manually or using MIME library meant for mail handling. Usually all email clients convert base64 to text automatically.


Example email notification message after the update:


Content-Type: multipart/alternative; boundary="===============4857744939220648954=="

MIME-Version: 1.0

Subject: HIGH RISK ALERT: Suspicious activity detected (ID 68-59456)

From: F-Secure <[email protected]>

To: [email protected]


--===============4857744939220648954==

Content-Type: text/plain; charset="utf-8"

MIME-Version: 1.0

Content-Transfer-Encoding: base64


Ri1TZWN1cmUgUmFwaWQgRGV0ZWN0aW9uICYgUmVzcG9uc2UgZGV0ZWN0ZWQgdGhlIGZvbGxvd2luZyBhY3Rpdml0eToKIApDYXRlZ29yeSAgICAgICAgICAgIFRhcmdldGVkIGF0dGFjawpSaXNrIGxldmVsICAgICAgICAgIEhpZ2ggcmlzayA3NQpDb25maWRlbmNlICAgICAgICAgIE1lZGl1bQpDcml0aWNhbGl0eSAgICAgICAgIEhpZ2gKQWZmZWN0ZWQgaG9zdHMgICAgICA0IGhvc3RzCkNvbXBhbnkgICAgICAgICAgICAgUmFuZG9tIFRlc3QgQ29tcGFueQogClRvIHZpZXcgdGhpcyBCcm9hZCBDb250ZXh0IERldGVjdGlvbiwgb3BlbiB0aGUgUkRSIHBvcnRhbDoKaHR0cHM6Ly9wb3J0YWwucmRzLXN0Zy5mc3h0Lm5ldC9hcHAvZWRyL2RldGVjdGlvbnM/aW5jaWRlbnRJZD02OC01OTQ1NiZzb3VyY2U9Y3VzdG9tZXItbmV3LWRldGVjdGlvbg==


--===============4857744939220648954==--


Email message example before the update:


Content-Type: multipart/alternative; boundary="===============4857744939220648954=="

MIME-Version: 1.0

Subject: HIGH RISK ALERT: Suspicious activity detected (ID 68-59456)

From: F-Secure <[email protected]>

To: [email protected]


--===============4857744939220648954==

Content-Type: text/plain; charset="utf-8"

MIME-Version: 1.0

Content-Transfer-Encoding: base64


F-Secure Rapid Detection & Response detected the following activity:


Category           Targeted attack

Risk level          High risk 75

Confidence       Medium

Criticality         High

Affected hosts  4 hosts

Company          Random Test Company


To view this Broad Context Detection, open the RDR portal:

https://portal.rdr.f-secure.com/app/edr/detections?incidentId=68-59456&source=customer-new-detection


--===============4857744939220648954==--

Sign In or Register to comment.