Rogue Cell Tower Shut Down in London (www.cityoflondon.police.uk)

submitted 1 month ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

6 comments fedilink hide all child comments

top 6 comments

sorted by: hot top controversial new old

[-] Emotet@slrpnk.net 19 points 1 month ago

It still amazes me that the security concept against spoofing a number for phone calls and SMS is "Please don't do that, it's illegal".

[-] ikidd@lemmy.world 0 points 1 month ago

Well, then you probably don't want to learn more about email...

[-] pastermil@sh.itjust.works 5 points 1 month ago* (last edited 1 month ago)

Aren't there more security measures in ensuring email credentials (assuming the user holds up their end)?

[-] Emotet@slrpnk.net 5 points 1 month ago

Protocols to authenticate email senders exist, e.g. SPF and DKIM. Mostly an enterprise thing, though.

[-] MetaCubed@lemmy.world 5 points 1 month ago* (last edited 1 month ago)

Unless I've seriously lost what "an enterprise thing" is nowadays, I wouldnt call SPF and DKIM (and DMARC for that matter) "mostly an enterprise thing" considering:

They are security measures implemented by default with all freemail providers
Almost all mail systems will block or flag any mail which isnt at least SPF authenticated
Gmail and yahoo now aggressively require DKIM and DMARC to be configured in order for mail to be delivered if delivered in bulk (this is in addition to their past SPF requirements)
We (my company) consider it a mandatory now in 2024 to guarantee mail delivery, even for our smallest clients.

[-] BarbecueCowboy@lemmy.world 4 points 1 month ago

A lot of smaller businesses just aren't bothering to deal with it right now, relying on getting the opposing IT department to just whitelist their address is apparently working for them with their mail volume. I am talking smaller businesses, but also not mom and pop stores, we're talking national chains, etc. that just don't care about the impact. That is also assuming that whoever manages the receiving mail server has even managed to keep a policy to block items that fail SPF/DKIM in the first place.

Gmail and Yahoo are pushing and I love that, but they're just a bit ahead of the game.

this post was submitted on 11 Jun 2024

56 points (100.0% liked)

Cybersecurity

5081 readers

117 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social