#securitytip — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #securitytip, aggregated by home.social.
-
if your domain has no DMARC record, here's your 5-minute fix:
1. Run a DMARC check to confirm you have nothing published
2. Add this TXT record to `_dmarc.yourdomain.com`: `v=DMARC1; p=none; rua=mailto:[email protected]`
3. Wait 48 hours for reports to arrive
you're not enforcing yet. you're listening.
those aggregate reports will show you every IP address sending email as your domain.
-
Saturday DMARC tip: check your subdomains
your main domain might be at p=reject
but what about mail.yourdomain.com?
or marketing.yourdomain.com?
DMARC policies automatically cascade to subdomains (but not all MTA providers respect it!)
you are strongly recommended to explicitly set `sp=reject` in your organizational domain's record
without it, every subdomain inherits p=none by default
-
Please be aware of fake emails from Moonpay. It is not from Moonpay. Delete it and do not call the number. I received the email this morning.
#bitcoin
#danskertrut #scams #moonpay #SecurityTip
-
get a tattoo of a qr code for a rickroll on your ass. that way if anyone tries to take a pic of you naked they'll be watching rick astley instead #securitytip #netsec
-
Fun little vulnerability I found recently:
Change any user's profile picture based on the provided `?id=x` query parameter! 😈 Always pull User ID from the Auth system, rather than rely on a value from the browser...
#PHP #Laravel #SecurityTip
-
A quick #securitytip on how to block password-protected attachments in emails.
If you have #Microsoft #Defender for #Office365 licenses, you can use the technology called Safe Attachments. Safe Attachments does advanced scanning of attachments through so-called detonations, where these attachments are run in a test environment and what the file does when it is run is monitored.
If an email contains a password-protected attachment, then these detonations cannot take place. In the Safe Attachments settings, you can set what should happen if the scan couldn't complete for some reason, which is exactly the case with the password-protected attachment. In this case, it is recommended to set the email to be blocked. #email #mdo #cybersecurity #bes
-
Periodic reminder that no one should be able to log on to your production database. Especially not your developers
-
@hacks4pancakes for the best security, lock yourself in a dark room alone and just never leave. #infosec #securitytip
-
#SecurityTip What phone to get so google won't spy on you.