Author Archives: Thomas

What does Transparent 2FA Solve?

Posted on October 27, 2021 by Thomas

Our previous article goes over 2FA/MFA and how it drastically cuts down the threat of automated authentication attacks. Despite the benefits, the adoption of 2FA is limited. The process of enabling and using 2FA creates extra steps for the user, … Continue reading

Posted in Informative | Tagged , , , , , | Leave a comment

2-Factor and Multi-Factor Authentication

Posted on October 20, 2021 by Thomas

Talking about authentication just isn’t complete without mentioning 2-Factor Authentication (2FA) and Multi-Factor Authentication (MFA). Judging from the piling evidence of data breaches and weak password tendencies, using just a password as your only line of defense seems… risky. Let’s … Continue reading

Posted in Informative | Tagged , , , , , , | Leave a comment

Data Breaches: Why You Should Update Your Old Passwords

Posted on September 30, 2021 by Thomas

Having a strong password is great when it comes to securing your account against traditional brute force and dictionary attacks. However, credential stuffing leverages passwords exposed in data breaches to crack accounts. More information about the different types of authentication … Continue reading

Posted in Informative | Tagged , , , , , , , , , , , , , | Leave a comment

How Email Administrators Can Improve Authentication Security

Posted on September 13, 2021 by Thomas

The previous articles about authentication attacks focused on how an end user identifies and protects themselves from authentication attacks. But what about protecting the server itself, and all user accounts, from such attacks? This article goes over what can be … Continue reading

Posted in Informative | Tagged , , , , , , , , , , , , , , | Leave a comment

What is an Authentication Attack

Posted on August 25, 2021 by Thomas

“My account has been hacked!” It’s probably not the first time that you’ve heard those words, but what exactly does it mean for your account to be hacked? I’m not referring to cases where your Ex guessed your password and … Continue reading

Posted in Informative | Tagged , , , , , , | Leave a comment

Blocklists are for more than just Spam

Posted on August 18, 2021 by Thomas

Blocklists, also known as Real-time Blackhole Lists (RBL) or Domain Name System-based Blackhole Lists (DNSBL), have historically been used to reject or flag email. This is typically done by checking whether the IP address of the sending mail server is … Continue reading

Posted in Uncategorized | Tagged , , , , | Leave a comment

Trends in Networks: Spam #19

Posted on March 5, 2021 by Thomas

What else can be said about the Freenom and .xyz TLD abuse on Digital Ocean at this point. Perhaps it is time to just accept that email from these TLDs should never be accepted from the Digital Ocean network. Feb26 … Continue reading

Posted in Informative | Tagged , , , , , , , , , , | Leave a comment

Trends in Networks: Spam #18

Posted on February 26, 2021 by Thomas

It’s a shame that such simple fixes can’t or won’t be done by a company to make the world a better place. I wonder if the money is really worth knowingly turning a blind eye to malicious activity, activity that … Continue reading

Posted in Informative | Tagged , , , , , , , , , , , | Leave a comment

Trends in Networks: Spam #17

Posted on February 18, 2021 by Thomas

Never ending freenom and xyz TLD spam continues on Digital Ocean. A big burst came in on Valentines day from these newsgood.xyz domains. Feb12 159.65.97.208 x1 box.hasferst.xyz 164.90.222.36 x7 ocean.heurlin.xyz 167.71.236.182 x20 mail.gizmospace.ml Feb13 104.248.198.228 x1 box.tspsonghericeltd.xyz 188.166.212.60 x2 mail.granti.xyz … Continue reading

Posted in Informative | Tagged , , , , , , , , , | Leave a comment