Understanding the Trello Breach: Security Concerns and Expert Response

The Trello breach, which occurred in January 2024, resulted in approximately 15 million users having their email addresses, names, usernames, project management information, and activity logs scraped and offered for sale on a hacking forum. This incident raised significant concerns regarding user data security and highlighted the importance of implementing strong passwords and two-factor authentication…

The right way to transition to SPF HardFail (-all)

Sender Policy Framework, or SPF, is a simple way to tell the receiving servers which IPs or mail servers are allowed to send emails on behalf of your domain. It basically means ‘allowlisting’ all those who are officially permitted to send emails as your business representatives. But that’s not all when it comes to implementing…

Gmail, Outlook, and Apple Mail warn users ahead of anticipated AI menaces in 2025

Gone are the days when incorrect grammar, poor graphics, an unprofessional tone, and other flaws were red flags of a phishing email. It’s 2025, and AI has enabled threat actors to create convincing emails without such flaws. They are creating sophisticated emails that look like they have been genuinely sent by friends, colleagues, clients, service…

Cyber resilience 2025: a bigger picture of technical agility and adaption for businesses

In general, cyber resilience is a company’s ability to withstand, respond to, and recover from cyberattacks or IT failures while continuing to operate smoothly. It’s like having a backup plan and strong defenses to keep business running even when something goes wrong. There is no strict definition of cyber resilience as the digital landscape keeps…

SPF record +all mechanism: why is it the most dangerous SPF setting

SPF prevents emails sent by unauthorized people from landing in the inboxes of targeted recipients. However, if your SPF record is misconfigured, it can do more harm than good, especially if it’s overly permissive. By overly permissive, we mean using the +all mechanism, as this setting can turn your domain into an open relay for…

The point where DORA and DMARC intersect

DORA (Digital Operational Resilience Act) is a Europe-based framework explicitly designed to establish regulatory compliance for the finance sector. This act has been in force since January 2025. Though DORA and DMARC are not directly linked with each other, DMARC helps in DORA compliance by improving the email security posture. DMARC is an email authentication…

Pros and cons of using wildcarding in SPF

SPF is the email authentication protocol that allows domain owners to specify which mail servers they officially allow to be used to send emails on behalf of a domain. Wildcarding in SPF is done using the ‘*’ mechanism. It matches any domain or IP that doesn’t explicitly match other mechanisms in the record. Wildcarding usually…

How does Privileged Account and Session Management (PASM) help strengthen DMARC and email security?

The truth is that the most important people in your organization are also the most targeted by cyber-attackers, because they have access to the most critical information and manage sensitive systems that are major targets. Since these accounts are the key to your organization’s most valuable resources, it only makes…

Overly permissive SPF configurations that make your email infrastructure vulnerable to phishing and spoofing

Overly permissive SPF configurations refer to settings that are set so loosely and broadly that anyone on the Internet can send emails from your domain. These configurations weaken your email infrastructure, ultimately exposing your brand name to phishing, spoofing, ransomware attacks, and other security risks. If unauthorized, malicious people send emails from your domain and…

Everything you should know about typosquatting and how to stay protected

They say familiarity is deceptive, and we absolutely agree with it, especially in the context of cybersecurity. We base this statement on the paradigm that humans tend to trust patterns and blindly click on something that looks familiar at a glance. While doing this, we tend to overlook minor mistakes or discrepancies that can lead…