The Red Sift Blog
TLS certificates are changing: What you need to know
Filter all blogs
All blogs
TLS certificates are changing: What you need to know
Executive summary: TLS certificates are about to get significantly shorter-lived. Starting 15 March 2026, newly issued public-trust certificates will max out at 200 days—and just three years later, that lifespan drops to 47 days. Backed by Google, Apple, and Mozilla, this shift aims to make the web safer through fresher data, faster failover, and…
Read more
The hidden threat: How misconfigured DKIM enables replay attacks
Email authentication isn’t just an IT concern. It protects your brand and customers. A single misstep can let attackers spoof your domain, send phishing emails, and destroy customer trust. One of the most dangerous methods? The DKIM replay attack. In this post, we’ll break down how undersigned DKIM keys and related misconfigurations open your…
Read more
Why DMARC and BIMI are a business priority
Email threats aren’t slowing down, and neither should your authentication strategy. In our recent joint webinar with Marigold, “From DMARC to BIMI: Navigating the New Email Authorization Landscape,” we broke down what today’s evolving standards mean for both security and marketing teams—and how to take action now with our free Red Sift Investigate tool.…
Read more
Zoom stops zooming: Why active monitoring is essential
On April 16, 2025, Zoom experienced a significant global outage that disrupted video conferencing services and access to its website for thousands of users, as well as their corporate email for all their employees. It was quickly identified as a domain name registration status problem. Despite being a critical name for Zoom, somehow, the…
Read more
Why DMARC matters: Protect your organization from evolving phishing threats
Phishing campaigns continue to change. Attackers are adapting faster than traditional security tools, using more subtle methods to bypass filters and reach inboxes. The latest KnowBe 4 Phishing Threat Trends Report (2025) shows a steady increase in attacks that slip through email security platforms and a growing use of techniques that avoid detection, increasing…
Read more
Red Sift OnDMARC joins the Jisc Chest platform to strengthen email security…
With the National Cyber Security Centre’s (NCSC) Mail Check tool having retired its free DMARC reporting service in March 2025, education and research institutions across the UK are now facing a critical visibility gap when it comes to email-based threats. To help address this, Red Sift is now working with Jisc—the UK’s not-for-profit provider…
Read more
Microsoft announces new email requirements for bulk senders
Executive Summary: New email authentication rules from Microsoft will impact bulk senders starting May 2025. To protect users from spoofing and phishing, Microsoft will require SPF, DKIM, and DMARC authentication—bringing its policies in line with Google and Yahoo. Red Sift offers tools to help organizations comply and maintain deliverability. This article: Microsoft has officially…
Read more
From concept to market leader: Reflecting on the development of Red Sift…
Following Red Sift OnDMARC being featured in 18 reports in G2’s Spring 2025 Report, CEO Rahul Powar shares his thoughts on the innovation behind the product—and what’s driving its continued momentum in the fight against phishing and Business Email Compromise (BEC). When I founded Red Sift, my goal was to make proactive cybersecurity accessible…
Read more
Keep your Microsoft Online Email Routing Address secure with Red Sift OnDMARC
Every Microsoft 365 tenant includes a default domain in the format tenantname.onmicrosoft.com. This is known as the Microsoft Online Email Routing Address (MOERA). What many don’t realize is that attackers have started using these domains to impersonate organizations in phishing attacks. If left unmonitored, MOERA domains can become a blind spot in your email…
Read more
Red Sift OnDMARC ranked #1 in EMEA and Europe for DMARC in…
G2’s Spring 2025 Report is here, and we’ve got some exciting news to share! Red Sift OnDMARC has been named the #1-rated DMARC solution in both EMEA and Europe, and that’s just the start. We also took the #1 spot in the Mid-Market Results Index and Mid-Market Usability Index, and were featured in 18…
Read more
The Mail Check deadline has passed: Is your organisation at risk?
The National Cyber Security Centre (NCSC) proposed changes to Mail Check services came into effect on 24 March 2025, including the ending of DMARC aggregate reporting. Organisations who are yet to comply must now seek an alternative provider or risk exposure to harmful cybersecurity incidents. This change comes as a measure to expand the…
Read more
Red Sift named a Top 50 company in 2025 Emerging Stars Awards
We’re pleased to share that Red Sift has been named Best Performing Company – Security & Infrastructure in the 2025 Emerging Stars Awards. These awards, part of the Megabuyte100 series, recognise the UK’s 50 best-performing scale-up technology companies based on solid financial performance, from over 800 entries. Being recognised in this category reflects the…
Read more
Mailgun and Red Sift partner to boost email programs with stronger authentication
Senders know that email is a critical channel for driving customer engagement and establishing trust, yet deliverability and security issues can disrupt email programs. Mailgun, a leader in cloud-based email delivery, is providing free DMARC reporting for all Mailgun senders courtesy of Red Sift OnDMARC. This integration brings senders complete visibility into authentication results…
Read more
Over 60% of healthcare organizations remain unprotected against data breaches
Introduction Red Sift’s analysis of healthcare organizations that reported large breaches to the Department of Health & Human Services (HHS) in 2023-2024 uncovered a troubling trend: post-breach, 61% remain unprotected against phishing and domain spoofing due to weak or nonexistent DMARC policies. DMARC (Domain-based Message Authentication, Reporting & Conformance) is a widely recognized security…
Read more
Red Sift wins 2025 Cybersecurity Excellence Award for OnDMARC
Executive Summary: Red Sift OnDMARC has been recognized with the 2025 Cybersecurity Excellence Award for its advanced email security solutions. By leveraging AI-powered tools like Red Sift Radar for security issues and Dynamic DNS Guardian for real-time monitoring, OnDMARC provides businesses with robust protection against phishing, spoofing, and business email compromise (BEC). Key takeaways:…
Read more
Red Sift’s Winter ‘24/’25 Quarterly Product Release
This quarter, we’re making security faster, smarter, and more proactive with updates that improve threat detection, reduce manual work, and prevent threats before they escalate. Highlights include: Brand Trust Executive Impersonation: Detect unauthorized use of leadership identities By uploading and managing executive images in Brand Trust, security teams can detect and monitor unauthorized use…
Read more
Enhanced logo detection with AI: A hybrid approach
Executive Summary: Accurate logo detection is essential for protecting brands against misuse and fraudulent activities. Red Sift’s hybrid AI approach enhances detection precision, effectively balancing the reduction of false positives with the identification of genuine threats. This article: Introduction Logo detection is crucial for brand protection, helping identify logo misuse in lookalike domains and fraudulent…
Read more
Prepare for the Mail Check deadline
Executive Summary: The NCSC is updating its Mail Check services, discontinuing features like DMARC aggregate reporting to enhance accessibility and manage costs. Public sector organisations relying on these services should explore alternative DMARC reporting solutions to maintain email security. This article: Introduction The National Cyber Security Centre (NCSC) is modifying Mail Check services to discontinue…
Read more
Post-quantum cryptography for Internet and WebPKI: Where are we now and how…
Executive Summary: Advancements in quantum computing threaten existing cryptographic protections. While CRQCs aren’t expected imminently, organizations must proactively transition to quantum-safe cryptography to secure future communications. This article: Introduction Recent advancements in quantum computing pose a substantial threat to the cryptographic algorithms that secure internet communications, particularly public key cryptography. As quantum computers evolve, they…
Read more
Collaborative cybersecurity: The building blocks to a safer internet
Ciaran Martin, former CEO of the UK National Cyber Security Centre, and Rahul Powar, CEO of Red Sift Executive Summary: As technology advances, so do associated risks. A conversation between industry leaders emphasizes that collaborative cybersecurity efforts are crucial to building a safer and more resilient internet. This article: Introduction The internet’s foundational promise is…
Read more
Securing crypto with Andrei Terentiev
Executive Summary: In an insightful discussion, Bitcoin.com’s CTO, Andrei Terentiev, delves into the challenges at the intersection of cryptocurrency and cybersecurity, offering strategies to protect digital assets in an ever-evolving landscape. This article: Introduction In a new episode of Resilience Rising, host Sean Costigan speaks to Andrei Terentiev, Chief Technology Officer (CTO) of Bitcoin.com. The…
Read more