P.Leclercq in Security 2025-04-24 security tips governance
According to its creator, the Centre for Cybersecurity Belgium (CCB), “The CyberFundamentals Framework is a set of concrete measures to protect data, significantly reduce the risk of the most common cyber-attacks, and increase an organisation’s cyber resilience.”
P.Leclercq in Security 2024-12-30 technology
In a previous article on MIME, you have met the Base64 format used to encode mail attachments. This post explores what Base64 encoding is, why it was created, and how it is used in email and web protocols.
P.Leclercq in Security 2024-12-11 technology
If you have ever sent or received an email with an attachment, you have likely encountered MIME types, though you may not have realized it. MIME types play a crucial role in modern email communication. For IT professionals and advanced users, understanding MIME types is essential not only for troubleshooting but also for ensuring security. Let’s break down what MIME types are, their history, and why they matter.
P.Leclercq in Security 2024-11-10 technology
This article will deviate a little from the previous content to describe an offensive tool used to test a website security.
Burp Suite is a graphical tool for testing Web application security.
P.Leclercq in Security 2024-05-16 technology security tips
I still recently encountered a case where it was enabled on some systems in an enterprise, so here is a small reminder.
P.Leclercq in Security 2024-04-12 technology
DMARC, Domain-based Message Authentication, Reporting & Conformance, is a protocol providing email authentication, policy and reporting capabilities. It builds on SPF and DKIM to improve monitoring and reporting of the protection of your email domain.
P.Leclercq in Security 2024-03-30 technology
Besides SPF, there is another protocol that ensures sent emails have not been modified during their journey, and that the sender is really sending the email from the address listed in the email header. This is DKIM, DomainKeys Identified Mail.
DKIM uses cryptographic signing to ensure the content has not been modified during the journey, and the sender domain is really what it pretends to be.
P.Leclercq in Security 2024-03-21 technology
In a previous article, we have seen an external attacker could send an email carrying an address belonging to your domain, and how to detect it via the headers. Sender Policy Framework (SPF) helps validating the real source of the email, reducing the likelihood of malicious actors sending emails that appear to come from a legitimate source.
P.Leclercq in Security 2024-03-06 technology
In a previous article, we have described the envelope and email headers.
Among the envelope headers, the Received headers are very interesting to trace the email path.
P.Leclercq in Security 2024-02-22 technology
Interpreting email headers is an essential skill when dealing with email-related issues or investigating the source of an email. Email headers contain valuable information about the path an email took from the sender to the recipient. It allows debugging email issues like non-delivery and detecting fraud or phishing.
In this article, we will learn how to interpret the basic data of email headers.