Showing posts with label Cybersecurity. Show all posts

Tuesday, 8 April 2025

Strengthening Email Ecosystem: Outlook’s New Requirements for High‐Volume Senders

In an era where email remains a cornerstone of both personal and business communication, ensuring the security and reliability of email ecosystems is paramount. To bolster trust and protect users, Outlook.com is introducing new requirements for domains that send over 5,000 emails per day. These measures aim to enhance email authentication and reduce malicious activities such as spoofing, phishing, and spam.

New Authentication Requirements for High-Volume Senders

Effective May 5, 2025, domains dispatching more than 5,000 emails daily to Outlook.com addresses must comply with the following authentication protocols:

  1. Sender Policy Framework (SPF):

    • Ensure that your domain's DNS records accurately list all authorized IP addresses and hosts permitted to send emails on behalf of your domain.

    • SPF records must pass validation to confirm the legitimacy of the sending source.

  2. DomainKeys Identified Mail (DKIM):

    • Implement DKIM to attach a digital signature to your emails, verifying that the message content remains unaltered during transit.

    • DKIM signatures must pass verification to authenticate the integrity and origin of the emails.

  3. Domain-based Message Authentication, Reporting, and Conformance (DMARC):

    • Configure a DMARC policy with at least a p=none setting, aligning with either SPF or DKIM (preferably both).

    • DMARC enables domain owners to specify how unauthenticated messages should be handled, providing reports on email authentication status.

For detailed guidance on setting up these authentication methods, refer to Microsoft's documentation on email authentication.

Additional Email Hygiene Best Practices

Beyond authentication, high-volume senders are encouraged to adopt the following practices to maintain email quality and user trust:

  • Valid P2 (Primary) Sender Addresses:

    • Ensure that the "From" or "Reply-To" addresses are valid, accurately reflect the sending domain, and are capable of receiving replies.

  • Functional Unsubscribe Mechanisms:

    • Provide clear and accessible options for recipients to opt out of future communications, especially in marketing or bulk emails.

  • Regular List Maintenance and Bounce Management:

    • Periodically cleanse mailing lists to remove invalid or inactive addresses, thereby reducing bounce rates and spam complaints.

  • Transparent Mailing Practices:

    • Use honest subject lines, avoid misleading headers, and ensure that all recipients have explicitly consented to receive your emails.

Adhering to these practices not only enhances deliverability but also fortifies the sender's reputation within the email ecosystem.

Enforcement Timeline and Actions

Starting May 5, 2025, Outlook.com will begin routing emails from non-compliant high-volume senders to recipients' Junk folders. This initial phase serves as a grace period, allowing senders to address and rectify any authentication issues. Future enforcement actions may escalate to outright rejection of non-compliant emails, with specific dates to be announced subsequently.

Outlook.com reserves the right to take negative actions, including filtering or blocking, against senders who fail to meet these standards, particularly in cases of significant authentication breaches or poor email hygiene.

Steps to Prepare

To align with these new requirements and ensure uninterrupted email delivery:

  1. Audit Your DNS Records:

    • Review and update your SPF, DKIM, and DMARC records to ensure they meet the specified standards.

  2. Monitor Authentication Headers:

    • Regularly inspect email headers to verify authentication status. Guidance on viewing and interpreting these headers is available through Microsoft's support resources.

  3. Stay Updated:

    • Keep abreast of further announcements regarding enforcement timelines and additional requirements by following official communications from Outlook.com.

By proactively implementing these measures, high-volume senders can contribute to a more secure and trustworthy email environment, benefiting both senders and recipients alike.
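
An added example, not part of the original post or Microsoft's guidance: a Python check that reads a message's Authentication-Results header together with the domain's DMARC record and reports whether the three requirements above hold, including the case where SPF and DKIM both pass but neither aligns with the From domain. The header values, the domains, and the two-label organizational-domain shortcut are assumptions made for illustration.

```python
import re

def parse_tags(record):
    """Split a DMARC TXT record ('v=DMARC1; p=none; ...') into a tag dict."""
    pairs = (part.split("=", 1) for part in record.split(";") if "=" in part)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def org_domain(name):
    # Assumption: last two labels; real code needs the Public Suffix List (.co.uk).
    host = name.rsplit("@", 1)[-1].lower().rstrip(".")
    return ".".join(host.split(".")[-2:])

def parse_auth_results(header):
    """Return [(method, result, props)] from an Authentication-Results value."""
    header = re.sub(r"\([^)]*\)", "", header)        # drop (comments)
    # Element [0] of the split is the authserv-id, so it is skipped.
    clauses = (re.findall(r"([\w.-]+)=(\S+)", c) for c in header.split(";")[1:])
    return [(p[0][0].lower(), p[0][1].lower(), dict(p[1:])) for p in clauses if p]

def check_message(auth_header, dmarc_record):
    """Report SPF pass, DKIM pass, DMARC alignment and a published policy."""
    res = parse_auth_results(auth_header)
    from_dom = next((p["header.from"] for m, _, p in res
                     if m == "dmarc" and "header.from" in p), "")
    def passed(method, prop=None):
        # With prop set, the passing identity must also align with the From domain.
        return any(m == method and r == "pass" and (prop is None or (
                   from_dom != "" and org_domain(p.get(prop, "")) == org_domain(from_dom)))
                   for m, r, p in res)
    tags = parse_tags(dmarc_record)
    report = {
        "spf_pass": passed("spf"),
        "dkim_pass": passed("dkim"),
        "aligned": passed("spf", "smtp.mailfrom") or passed("dkim", "header.d"),
        "dmarc_policy": tags.get("v") == "DMARC1"
                        and tags.get("p", "").lower() in ("none", "quarantine", "reject"),
    }
    report["compliant"] = all(report.values())
    return report

# Constructed sample data, not taken from real mail.
DMARC = "v=DMARC1; p=none; rua=mailto:dmarc@example.com"
GOOD = ("mx.example.net; spf=pass (sender IP is 192.0.2.10) "
        "smtp.mailfrom=bounce.example.com; dkim=pass (signature was verified) "
        "header.d=example.com; dmarc=pass action=none header.from=example.com")
UNALIGNED = ("mx.example.net; spf=pass smtp.mailfrom=bounces.esp-mail.test; dkim=pass "
             "header.d=esp-mail.test; dmarc=fail action=none header.from=example.com")

if __name__ == "__main__":
    print(check_message(GOOD, DMARC), check_message(UNALIGNED, DMARC))
```

The second sample is the common failure when mail goes out through a third-party sending service: SPF and DKIM pass for the service's own domain, so the per-protocol checks look healthy while DMARC alignment fails.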

Must-Know CMD Commands for System Administrators

📌 User & Group Management

🔹 Check all users: net user

🔹 Check user details: net user username

🔹 Add a new user: net user NewUser Password123 /add

🔹 Add user to local admin group: net localgroup Administrators NewUser /add

🔹 Remove user from a group: net localgroup Administrators NewUser /delete

🔹 Delete a user account: net user NewUser /delete


📌 System Information & Performance

🔹 Check system info: systeminfo

🔹 View running processes: tasklist

🔹 Kill a process by name: taskkill /IM processname.exe /F

🔹 Check disk usage: wmic logicaldisk get name, freespace, size, description

🔹 Check RAM details: wmic MEMORYCHIP get BankLabel, Capacity, Speed

🔹 Check network configuration: ipconfig /all

🔹 Flush DNS cache: ipconfig /flushdns


📌 Network & Remote Management

🔹 Ping a server: ping google.com

🔹 Check open ports: netstat -an | find "LISTEN"

🔹 Test remote connection (RDP): mstsc /v:RemotePCName

🔹 Enable RDP remotely: reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f


📌 File & Disk Management

🔹 List all drives: wmic logicaldisk get name

🔹 Check disk health (SMART): wmic diskdrive get status

🔹 Check file size in a folder: dir /s /a C:\YourFolder

🔹 Find large files (over 1GB): forfiles /S /M *.* /C "cmd /c if @fsize GEQ 1073741824 echo @path @fsize"


📌 Active Directory & Domain Management

🔹 Check domain details: nltest /dsgetdc:yourdomain.com

🔹 List all domain users: net user /domain

🔹 Force Group Policy update: gpupdate /force

🔹 Check AD replication status: repadmin /replsummary


📌 Security & Event Logs

🔹 Check failed login attempts: wevtutil qe Security /c:10 /f:text /q:"*[System[(EventID=4625)]]"

🔹 Enable BitLocker on drive C: manage-bde -on C: -RecoveryPassword

🔹 Check Windows Defender status: sc query windefend



🚀 Why Should Every System Admin Use These Commands?


✅ Saves time – No need to navigate through GUI

✅ Troubleshoot quickly – Identify & fix issues in seconds

✅ More control – Perform advanced tasks efficiently

Thursday, 28 September 2023

2023 October - Free Cybersecurity Trainings

Free Cybersecurity Courses
  1. Certified in Cybersecurity℠ - CC by ISC2: https://www.isc2.org/Certifications/CC
  2. Cybersecurity Essentials by Cisco Academy: https://www.netacad.com/courses/cybersecurity/cybersecurity-essentials
  3. Networking Essentials by Cisco Academy: https://www.netacad.com/courses/networking/networking-essentials
  4. Intro to Information Security by Udacity: https://www.udacity.com/course/intro-to-information-security--ud459
  5. Network Security by Udacity: https://www.udacity.com/course/network-security--ud199
  6. NSE 1,2 & 3 by Fortinet: https://training.fortinet.com/
  7. Information Security by OpenLearn: https://www.open.edu/openlearn/science-maths-technology/information-security
  8. Network Security by OpenLearn: https://www.open.edu/openlearn/digital-computing/network-security
  9. Risk Management by Open Learn: https://www.open.edu/openlearn/money-business/risk-management
  10. Introduction to Cybersecurity by Cisco Academy: https://www.netacad.com/courses/cybersecurity/introduction-cybersecurity
  11. CCNA Security Courses by various platforms: https://digitaldefynd.com/best-network-security-courses/?redirccnasecurity/
  12. Network Defense Essentials (NDE) by EC Council: https://codered.eccouncil.org/course/network-defense-essentials
  13. Ethical Hacking Essentials (EHE) by EC Council: https://codered.eccouncil.org/course/ethical-hacking-essentials
  14. Digital Forensics Essentials (DFE) by EC Council: https://codered.eccouncil.org/course/digital-forensics-essentials
  15. Dark Web, Anonymity, and Cryptocurrency by EC Council: https://codered.eccouncil.org/course/introduction-to-dark-web-anonymity-and-cryptocurrency
  16. Digital Forensics by Open Learn: https://www.open.edu/openlearn/science-maths-technology/digital-forensics
  17. AWS Cloud Certifications (Cybersecurity) : https://explore.skillbuilder.aws/learn/signin
  18. Microsoft Learn for Azure: https://learn.microsoft.com/en-us/training/azure/
  19. Google Cloud Training: https://cloud.google.com/learn/training
  20. Android Bug Bounty Hunting: Hunt Like a Rat: https://codered.eccouncil.org/course/android-bug-bounty-hunting-hunt-like-a-rat
  21. Vulnerability Management: https://www.qualys.com/training/
  22. Software Security: https://www.classcentral.com/course/software-security-1728
  23. Developing Secure Software: https://training.linuxfoundation.org/training/developing-secure-software-lfd121/
  24. PortSwigger Web Hacking: https://portswigger.net/web-security
  25. RedTeaming: https://taggartinstitute.org/p/responsible-red-teaming
  26. Splunk: https://www.splunk.com/en_us/training/free-courses/overview.html
  27. Secure Software Development: https://training.linuxfoundation.org/training/developing-secure-software-lfd121/
  28. Maryland Software Security: Free Course: Software Security from University of Maryland, College Park | Class Central
  29. Stanford Cyber Resiliency: https://www.classcentral.com/classroom/youtube-stanford-seminar-engineering-cyber-resiliency-a-pragmatic-approach-110018
  30. Cyber Threat Intelligence: Cyber Threat Intelligence 101 Course (arcx.io)

Tuesday, 19 September 2023

Cybersecurity Technologies and Projects


Cybersecurity is the practice of defending a business's data and information against online criminals. As the world adjusts to a new reality, attackers are abandoning conventional or outdated techniques for obtaining customer data and adopting new technologies and techniques to steal data electronically. Attackers try to get into the network and launch an attack, while defenders try to block or stop them from accessing the data. It is a game of cat and mouse, fought not with physical weapons but with a variety of cybersecurity tools. The same tool can be used for both good and bad purposes.

The significance of cybersecurity can be understood through Mimecast's study. According to the research, there has been a 26% increase in ransomware, an 88% increase in email-based spoofing, and a 67% increase in impersonation fraud.

The following is a list of cybersecurity technologies and projects that could help in resolving modern security issues:

1. NETWORK ANALYSIS
  1. Wireshark: https://www.wireshark.org
  2. pfSense: https://www.pfsense.org
  3. Arkime: https://arkime.com
  4. Snort: https://www.snort.org
  5. Suricata: https://suricata.io/

2. OS ANALYSIS
  1. HELK: https://github.com/Cyb3rWard0g/HELK
  2. Volatility: https://github.com/volatilityfoundation/volatility/
  3. RegRipper: https://github.com/keydet89/RegRipper3.0
  4. OSSEC: https://www.ossec.net
  5. osquery: https://osquery.io

3. INCIDENT MANAGEMENT
  1. TheHive: https://thehive-project.org/
  2. GRR Rapid Response: https://github.com/google/grr

4. HONEYPOTS
  1. Kippo: https://github.com/desaster/kippo
  2. Cowrie: https://github.com/cowrie/cowrie
  3. Dockpot: https://github.com/eg-cert/dockpot
  4. HonSSH: https://github.com/tnich/honssh

5. THREAT INTELLIGENCE
  1. MISP: https://www.misp-project.org/
  2. MSTICPy: https://github.com/microsoft/msticpy
  3. Threatpost: https://threatpost.com/
  4. Dark Reading: https://www.darkreading.com/

6. EDR
  1. Cortex XDR: https://www.paloaltonetworks.es/resources/datasheets/cortex-xdr
  2. Cynet 360: https://www.cynet.com/platform/
  3. FortiEDR: https://www.fortinet.com/lat/products/endpoint-security/fortiedr
  4. Xcitium: https://www.xcitium.com/free-edr/

7. SIEM
  1. OSSIM: https://cybersecurity.att.com/products/ossim
  2. Splunk: https://www.splunk.com
  3. LogRhythm: https://logrhythm.com
  4. Wazuh: https://wazuh.com
  5. QRadar: https://www.ibm.com/community/qradar/ce/
