Yes, phishing DOES leave a DMARC trail !

An interesting report with great insight from two industry heavyweights focused on the protection of email domains against abuse, the Anti-Phishing Working Group (APWG) and dmarcian Inc, detailed some surprising results. The report combined APWG’s eCX databases holding approx 27 million reports and 8 million IPs with dmarcian’s HUGE database consisting of 2 billion reports and …

Sharing information to mitigate a phishing campaign

Sharing information is an important method to raise awareness of any potential issue. With the addition of practical advice, the reader can identify the relevance of that information and its usefulness to mitigate an issue. Reading this article again and again I keep on focussing on aspects that haven’t been addressed – of course there’s …

In response to “Raising the red flag on recent DMARC hype”

DMARC Compliance is a process that uses a DMARC dashboard as a tool to receive and analyse reports through which informed recommendations can be made. So let’s discuss the flaws identified. Mailsploit – this website identifies bugs in certain email applications that are shown to be vulnerable to XSS and code injection attacks. In fact, …

Starting your SPF journey ? Add DMARC for greater success !

SPF (Sender Policy Framework) has been around for a decade but there are still many organizations that don’t have it implemented or are just beginning the journey. With email-borne threats comprising the majority of attacks against both large and small organizations, SPF has been and still is an excellent starting point to authenticate the …

Has Patch Management lost its ‘sexiness’ ?

WannaCry was a wake-up call – to everyone !! The person serving you your lunch has heard about it – no disrespect intended. It’s reasonable to believe that, following this massive issue that played out on a global stage, patch management would be front and centre in every executive’s operational focus. In fact, there …

DMARC Compliance, Email Deliverability and IP Reputation – here’s the proof.

When working through an issue, it’s always best to have some type of statistical data on which to base a decision or to build a business case for a potential change. Of course we also need to keep in mind not to taint the data and mold it into our predetermined or preferred premise. The assertion …

What personal prejudices are driving your behaviour and decision making ?

This hilarious comedy skit about Doctor Who being reborn as a woman has caught people – that reads ‘men’, by surprise ! The key message here is to reflect upon our own hidden prejudices that influence our behaviour in personal relationships, business, politics and social environments. For those not familiar with this hit British series …

Server & Workstation Patching for Nuclear Utilities – what you don’t know won’t hurt you !!

The WannaCry malware, and the variants that came shortly thereafter, targeted platforms with known vulnerabilities, specifically those running operating systems that had been retired many years earlier. Microsoft, for example, has a defined lifecycle policy on its products. The first milestone is end of Mainstream Support. Mainstream support mainly refers to free phone and online support, …

$100M email fraud and the DON’T of DMARC Compliance

There’s an old saying that rings true most of the time, and way too often, namely “the plumber’s house has the worst plumbing in the street”, or, relating it back to technology, “an online service provider still running on physical non-virtualized servers”. The key message here is that for those that should know better …
