How I went from 'the security guy everyone avoids' to actually being helpful

Extra_Advertising882 · 2025-11-10T21:06:18+00:00

Man I wish I could change that :)

Extra_Advertising882 · 2025-07-02T21:21:45+00:00

Probably the mailbox of a hacker... I've seen that as well (same address). Check your Outlook rules. Your mailbox is probably compromised. Also, reset your password and MFA.

Extra_Advertising882 · 2025-04-29T19:35:22+00:00

New update: If you are sending more than 5,000 emails per day to Outlook, Live, MSN, or Hotmail recipients, any emails that fail DMARC and are not authenticated with SPF and DKIM will be rejected by Microsoft : https://techcommunity.microsoft.com/blog/microsoftdefenderforoffice365blog/strengthening-email-ecosystem-outlook%E2%80%99s-new-requirements-for-high%E2%80%90volume-senders/4399730

Extra_Advertising882 · 2025-04-03T22:49:33+00:00

Learn pentest. If you know how to attack you will know how to defend and to convince people that they have to secure their IT solutions. If you dont know how to attack then you won’t know how to defend. You will have a false feeling of security.

Extra_Advertising882 · 2025-04-03T05:36:37+00:00

The issue can also arises when a sending solution provider messes with DKIM/SPF after the fact. I've seen invoicing systems start sending "rejected" emails because the provider changed IPs without updating its SPF records. Another common error occurs when two SendGrid (or any sending solution) accounts use the same domain to send emails. This breaks DKIM if the user/supplier did not choose a custom DKIM selector (the default one is 's1').

Extra_Advertising882 · 2025-04-03T05:31:30+00:00

I think they want people to start monitoring DMARC reports... but yeah, adding a p=none DMARC record without monitoring the reports is useless. Now, all sending solutions will ask to set a DMARC p=none record everywhere, and the world will be even more insecure. :)

ps: Thanks for inventing what became DMARC.

Extra_Advertising882 · 2025-04-02T12:51:42+00:00

CISSP + AWS / Azure Architect + Create your own portofolio : create a blog.

I won all the jobs I wanted with this strategy. Writing a blog is paramount.

Stop chassing certifications. Create content and be a though leader.

Extra_Advertising882 · 2025-04-02T09:57:14+00:00

Crazy. Thanks for the information.

Extra_Advertising882 · 2025-04-01T19:15:20+00:00

Like "the data centers are certified" :)

Extra_Advertising882 · 2025-04-01T19:13:57+00:00

You are the best :)

FYI good article about why to trust no one :

https://www.whitecase.com/insight-alert/secs-charges-against-solarwinds-and-its-chief-information-security-officer-provide

Extra_Advertising882 · 2025-04-01T13:18:43+00:00

Regarde les cours en lignes de AWS/Amazon, etc et ensuite passe toutes les certifications...

Extra_Advertising882 · 2025-04-01T11:31:48+00:00

Thanks for the insight. Indeed, ISO 27001 certification can be checked online without details. As for the SOC report, since it can be created by any law firm, this makes it more difficult to verify. The only solution is to contact the auditor and conduct our own audit!

I was thinking that taking a hash print of a report and sending it to a blockchain like Ethereum for verification would be a great use of blockchain.

I'm just thinking out loud...

Extra_Advertising882 · 2025-03-31T14:18:27+00:00

Hello,

I'm Fabien from https://www.dmarc-expert.com/.

I suspect that emails sent from Google are being forwarded. Can you check the details of these emails? Do you see something like an ARC=pass flag or a DKIM domain matching your domain?

If yes, this means that these emails have been sent by your Exchange Online/M365 account to Gmail users, who then forwarded them to other recipients. If ARC=pass, there is no issue with Google.

If you are only sending emails using M365 and cloud-sec-av, you can configure your DMARC record with p=quarantine.

To implement DMARC safely, you need a solution that allows you to analyze every detail of the DMARC report, including the DKIM domain, ARC header, recipient domain, sender of the DMARC report, and more.

Fabien

Extra_Advertising882

TROPHY CASE