According to update, throughout 2016, phishing attacks increased in intensity and sophistication. One of the leading causes of network infiltration and data theft is phishing, and mostly deceptive email used for that purpose.
Online criminals send emails which appear to originate from trusted institutions or banks. When links present in the emails clicked, the attacker establishes a beachhead and gathers information for an attack on the critical system.

Vade Secure is the global leader in identifying anti-phishing, spear phishing, malware and ransomware with heuristic filtering. Language independent, the filter analyzes globally all incoming emails (links, attached files, content…) to detect all threats in zero-day, even the most targeted attacks. After eliminating all threats, Vade Secure removes the nuisance of low priority emails with Graymail Management. Ads, social network notifications, and newsletters are automatically sent to a graymail folder while a Safe Unsubscribe button eliminates them forever.

Vade Secure’s solutions are used by major ISPs, OEMs, and Enterprises worldwide, protecting more than 300 million mailboxes in 76 countries. Vade Secure is implanted in 5 countries (USA, Canada, France, Hong Kong and Japan) to offer 24/7 support.

Vade Secure analyzes incoming email to filter out spam, scam messages, phishing attempts, viruses, and Trojan horses from customer inboxes. It instantly classifies graymail (newsletters, commercial email, and social network notifications) for easy filtering.

Vade Secure integrates directly with traditional email clients and with atmail’s web-based offering, ensuring a consistent, clean inbox experience across platforms.

Protection against Ransomware

• Web Hosting company hosts thousands of websites. Hence security against Ransomware is also becoming a primary concern to customers.
• Ransomware is a malicious software which prevents or limits users from accessing their system.
• Erebus utilizes a technique to bypass User Account Control to infiltrate the user’s system and ask for ransom.

For mission-critical systems and business continuity, disaster recovery systems must be fully advanced as long recovery times are unacceptable. The gap between RTO (Recovery Point Objective) and RPO (Recovery Time Objective) must be minimum.

With the E-commerce growing rapidly legacy scheduled backups are always inadequate. Incremental forever backup techniques are required, to handle backup of data collected on the daily basis.

Continuous data protection eliminates the problems associated with the backup window, which creates very frequent, block-level backups rather than nightly backups. Every few minutes newly created or modified storage blocks copied to the backup targets like storage arrays or remote machines. Thus, reducing the recovery point objective (RPO).
Losing a few minutes data is more affordable then losing a data of entire day.

It simplifies the delivery of secure web applications for developers. There is a global network of Content servers in various parts of the globe protected with web application firewall (WAF) and DDoS mitigation setup.
Users offered with real-time analytics and 24/7 support. Most of the companies charge on pre-paid bandwidth.

The previous attack was of 620Gbps (Gigabits per second) on security expert Brian Krebs’ website, which leads to website offline for nearly a week.

OVH attacked by a botnet (zombie army) of hacked devices such as webcams to knock it offline. It has thrown the spotlight once again on the security of IOT (Internet of Things) devices. A website is hit by a massive amount of data so-called distributed denial of service attack.

According to Akmail the security firm that supported the site – the attack was nearly double the size of any previous one it had seen and was “among the biggest assaults the internet has ever witnessed”.

Recently Symantec security firm reports that cybercriminals looking for vulnerable devices such as TVs, home security systems and webcams for IOT malware.

Symantec General Manager Nick Shaw says:
[QUOTE]Cybercriminals are interested in cheap bandwidth to enable bigger attacks. They obtain this by hijacking our devices and stitching together a large web of consumer devices that are easy to infect because they lack sophisticated security,[/QUOTE]

Chief Technology Officer at Security firm Corero Dave Larson says:

IoT botnets were disrupting the industry. The tools and devices used to execute the attacks are readily available to just about anyone; combining this with almost complete anonymity creates a recipe to break the internet.

Now cybercriminals are targeting Online gambling companies. A new most powerful DDOS attack ‘Mirai’ registered publicly on September 30, 2016, hacking community website HackForums. Thousands of meaningless requests for information temporarily paralyzes the company’s website until demanded a ransom paid or web-hosting technical can fend off the threat.

Hackers have potent to hold, and online business owners are unsure to protect themselves and their customers completely. The bot has terrifying capabilities and is multitudinous in nature, and coming from every place on the face of the planet.

Corero Network Security

How about Corero Network Security DDoS defense solutions? Why not hosting providers trust on such 3-rd party vendors?

Coreror is the leader in real-time, high-performance DDoS defense solutions. It provides automatic attack detection in real time and mitigation, coupled with complete network visibility, analytics, and reporting. Only legitimate user traffic is allowed to continue to flow as intended. It acts as a black box, requiring little or no intervention from any security or operations personnel.

Server Management Services

Linux widely used Open Source Operating System which includes: RedHat, Debian, CentOS and Ubuntu
Automated secure and patch services available like ‘ksplice’ or ‘kernelcare.’

Why patch and update Operating System?
Patch and update close loopholes. Otherwise, the system exposed to exploitation due to vulnerabilities.

Linux Vulnerabilities
Dirty COW, the Linux kernel security flaw (CVE-2016-5195), discovered in virtually all Linux Operating system versions. A High priority privilege-escalation vulnerability exists in a section of Linux Kernel, which allows any installed malicious app to gain administrative (root-level) access to a device and completely hijack it. Linux copy-on-write (COW) mechanism broke, and malicious program tamper real-only, root-owned executable files and setup executables. An unprivileged local user gain writes access to otherwise read-only memory mappings and thus increase their privileges on the system.
The Dirty COW vulnerability is about nine years old vulnerability, present in the Linux Kernel since 2007, but recently being exposed.
Androids powered by Linux Kernel believed to be vulnerable to it.

Updated and patched server fixes susceptible ‘Dirty Cow’ bug and the environment gets protected.

Google Chrome will give warning “Not Secure” for HTTP sites after January 2017. Google want a connection between Chrome and web page more secure i.e. private. A green lock in the URL indicates HTTPS connection which points “Your connection to this site is private.”

Google search already started preferring HTTPS web pages over HTTP pages.

Web hosting providers like Automatic, WordPress.com has already turned on SSL for their hosted customers in April 2016.
Let’s Encrypt, a project of the nonprofit Internet Security Research Group provides the free certificates to Dreamhost, Squarespace, and WordPress. Dreamhost requires you to purchase unique IP address on your hosting plan for free SSL.

Hosting Providers like ZDNet and Hivelocity offers free Let’s Encrypt certificates

Let’s Encrypt

• It is Open Certificate Authority providing free and automated SSL-Certificates to enable HTTPS for websites supported by Google Chrome, Mozilla, and EFF.

Formerly known as Commtouch Software Ltd
Security-as-a-Service provider engaged in developing and marketing information security solutions for protecting The Web, e-mail, and mobile transactions.

Headquartered: Herzliya, Israel

Establishment: February 10, 1991

Company Technologies: CYREN GlobalView Cloud and Recurrent Pattern Detection (RPD)

Services Offered

• CYREN WebSecurity (CWS), CYREN EmailSecurity, Cyber Intelligence Suite, and Embedded Solutions.
• Messaging solutions includes anti-spam, Outbound Spam Protection for service providers, Zero-Hour virus outbreak protection, and GlobalView Mail Reputation services, as well as Command Antivirus and GlobalView URL Filtering services.
• Network and Security Solutions include unified threat management solutions, network routers and appliances, anti-virus solutions
• Integrated cloud security technology solutions that mitigate cyber threats, malware attacks, information leaks, legal liability and productivity loss through the application of cyber intelligence.
• Unified threat management (UTM) solutions, network appliances
• Antivirus and The Web security solutions

Customers

• The company delivers security services to a range of clients and original equipment maker (OEM)
• Content security gateways Service providers, such as Software-as-a-Service (SaaS) vendors, Web hosting providers, and Internet service providers