Executive Summary: The NCSC’s upcoming changes to Mail Check services, including the discontinuation of DMARC aggregate reporting, necessitate that organisations find alternative solutions to maintain robust email security. This article: Introduction The National Cyber Security Centre (NCSC) recently proposed updates to its Mail Check coming into effect on 24 March 2025. As the service evolves…
Read more
Executive Summary: BreakSPF is an emerging threat that takes advantage of misconfigured SPF records, especially those with overly broad IP ranges. Attackers can exploit these vulnerabilities to send fraudulent emails that appear legitimate.Utilizing solutions like Red Sift OnDMARC can help organizations detect and correct these misconfigurations, enhancing their overall email security posture. This article: Introduction BreakSPF…
Read more
With the NCSC discontinuing key features of its Mail Check service, including DMARC aggregate and TLS reporting, after March 2025, UK public sector organisations must prepare for this change by transitioning to alternative email security solutions. To support this shift, Red Sift is offering an extended free trial of its DMARC application, OnDMARC, providing…
Read more
Registrable domains and DNS play a crucial role in establishing online identity and trust, but their importance is often taken for granted. During new service setups, record updates are often overlooked, accumulating outdated entries. As infrastructure teams become increasingly overstretched, services may be incorrectly shut down without proper cleanup, leaving behind a sprawl of…
Read more
In 2011, the original DomainKeys Identified Mail (DKIM1) standard was published. It outlined a method allowing a domain to sign emails, enabling recipients to verify that the email originated from an entity holding a private key that matches the public key published in the domain’s DNS records. Now in 2024, DKIM is ready for…
Read more
In recent weeks, there have been reports of sophisticated phishing attacks disguised as official communication from the cryptocurrency platform, Coinbase. These phishing emails closely mimic Coinbase’s branding and language to build recipient trust and prompt clicks on malicious links. The subject lines of these emails generally follow a format: the sender’s address starts with…
Read more