go to sections menu

The Security Box, podcast 37: The Beginning of DKIM and other stuff from blog The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: podcast announcements > The Security Box, podcast 37: The Beginning of DKIM and other stuff

Go to Homepage, contents or to navigation menu

The Security Box, podcast 37: The Beginning of DKIM and other stuff

It looks like I did not put the show notes up on the blog for podcast 37’s Security Box. Sorry about that!

The rss feed has been updated after the program was updated.

Don’t worry, those who don’t have RSS can get the 166.76mb file right here.

Want the show notes? You’ve got those coming right up.

Welcome to the Security Box, podcast 37. On this episode of the program, we’re going to talk about something I don’t think people know much about dealing with email, verification of domains in the process, the standards of what it is and how it came to be. We will also cover a very interesting webinar that I listened to by Trend Micro that delbt with the security predictions for 2021. We’ll also have news, notes, questions, comments and more as the show progresses and the listeners choice on whether they have something to contribute. I hope you enjoy the show as much as I have bringing it together for you, and thanks so much for listening!

Topic: DKIM

DKIM is a short form of a longer term which means Domain Keys Identify Mail. This may take several programs to cover, and I think its time, seeing how we had some issues that were the result of it in passing. I’ll talk about those issues in this episode and we’ll get through some of the document.

Webinar: Turning the Tide: Security Predictions 2021

This was quite eye-opening. Usually these predictions are in writing on a blog, and we can pick them apart. This time its in a video, and I hope people enjoy it. I did.

News Notes and more

  • Phishing is definitely continuing to be the topic of the landscape more now than ever, even with the pandemic continuing to rage on. In an article I spotted on Phishlabs, they analyzed 100,000 different web sites of phishing because they indicate that some are on free hosts, some are compromised web sites, yet others may be domains that have expired that they snatched up. The site analysis took place through a three month period and they found the following things: 38.3% used compromised websites, 37.4% abused free hosting services, and 24.3% used maliciously-registered domain names. Within the article, the different terms such as malicious registered are defined. There are two main headings “Discerning Compromised vs Malicious Domain Registration” and “Free Hosting Abuse” which should be read if nothing else. This was definitely a great read, and news worth sharing. Most Phishing Attacks Use Compromised Domains and Free Hosting is the article.
  • Shortly after podcast 35’s airing, there was an article that was posted that made it in to Trend Micro’s “This Week in Security News” roundup which is posted to our blog. While I’m not going to link to that article in news notes, one article about the Solar Winds breach came to light. According to a Swis firm, an actor had APT access to networks for quite awhile. The name of this group is Silverfish. The firm that was named in the article is called Prodaft. Silverfish took advantage by carrying out a sophistocated attack on at least 4720 targets which included governmental institutions, global IT providers, dozens of banking institutions in the U.S. and EU, major auditing/consulting firms, one of the world’s leading Covid-19 test kit manufacturers, and aviation and defense companies. The hackers worked a normal day, monday through friday 8 am to 8 PM according to the article. The report is linked within the article which is entitled Swiss Firm Says It Has Accessed Servers of a SolarWinds Hacker so go ahead and read this one if you read nothing else.
  • Speaking of Phishing, we can’t forget to mention the fact that Covid-19 scams are still out there. A cyberscoop article goes in to detail about the recent rounds of phishing pages to ask for credentials to Office 365 accounts while they send you an email about potential issues or otherwise in regards to the vaccines. All of us now have a chance to get vaccinated, check with your state or pharmacy for complete details for your needs. COVID-19 vaccine scammers are still lurking is the article, and please give it a read.
  • Finally, patching after the massive flaw in Redmond is well under way with 92 percent of servers that were now patched after the biggest breach in business history to date as far as we’re aware. There’s lots of links within Cyberscoop’s article, so its best to read the article entitled Patching is trucking along on Microsoft flaws, but hackers are still meddling.

Thanks so much for listening, and make it a great day!

Informazioni sull'articolo

The Security Box, podcast 37: The Beginning of DKIM and other stuff was released on April 7, 2021 at 4:30 pm by tech in podcast announcements.
Last modified: April 7, 2021.

Comments (0)

No comments yet.

Leave a comment

You must be logged in to post a comment.

go to sections menu

navigation menu

go to sections menu