Email Security

Focuses on protecting email systems from threats such as phishing, malware, spam, spoofing, and unauthorized access, ensuring safe and secure communication.

Posts in this category
All posts
2.3 million emails. One exposed API key. $10K bill.

How DMARC forensics exposed an API key leak, 2.3M unauthorized emails, and a $10K bill.

2.3 million emails. One exposed API key. $10K bill.
Email Security
Backscatter Injection Attacks Exploiting Legitimate Infrastructure

Attackers use backscatter emails to bypass filters, harming servers and delivering phishing content.

Backscatter Injection Attacks Exploiting Legitimate Infrastructure
Email Security
The Risks of Abruptly Enforcing DMARC p=reject in Organizations

Sudden DMARC enforcement can disrupt workflows, block emails, and impact organizational operations significantly.

The Risks of Abruptly Enforcing DMARC p=reject in Organizations
Email Security
How a Fake Bank Transfer Email Nearly Fooled Me

Spoofed emails can mimic trusted senders, highlighting risks in elementary school communications.

How a Fake Bank Transfer Email Nearly Fooled Me
Email Security
Microsoft 365 Groups Bypass DMARC, Exposing Organizations to Spoofing

Microsoft 365 groups can deliver spoofed emails despite failing SPF, DKIM, and enforced DMARC policies.

Microsoft 365 Groups Bypass DMARC, Exposing Organizations to Spoofing
Email Security
Why Subdomain DMARC Policies Are Often Unnecessary

Proper DMARC enforcement on the root domain protects non-existent subdomains without needing separate policies.

Why Subdomain DMARC Policies Are Often Unnecessary
Email Security
Why Regular Password Changes Still Matter in Real Cybersecurity

Even with MFA, forced password resets help contain breaches and limit ongoing attacker access.

Why Regular Password Changes Still Matter in Real Cybersecurity
Email Security