Ah yes. But you can just reject NDR messages with “550 5.7.509: Access denied, sending domain example.net does not pass DMARC verification and has a DMARC policy of reject” now.

Yes, however RFC7208 says not to send NDR when sender authentication fails (=when SPF/DMARC is correctly set up it will fail) So you will get massively less backscatter. There will still be some providers sending NDRs however not the big ones, they will instead inform you via DMARC reporting which is easier to ignore.

Generating non-delivery notifications to forged identities that have
   failed the authorization check often constitutes backscatter, i.e.,
   nuisance rejection notices that are not actionable.  Operators are
   strongly advised to avoid such practices

You want DMARC to protect the header From. This will protect you from backscatter due to out of office replies etc. Bounces go to the envelope from and are due to rejected mails.

TL;DR Implement SPF to not get bounces and implement DMARC to not get backscatter.

This is great. I already have seen this with some bigger companies that are work from home. Vendors go to their office and use the meeting rooms so they can talk to the employees which work from home.

So now to have IBM as your supplier will cost you more than the competition because you have to provide office space (which you eliminated for your own employees) to them.

I always like it when big companies put stones in their own way with their bad policies.

Probably because it has almost nothing to do with hacking.

Yes, when setting up their own domain they can as well set the dmarc policy to reject and add valid spf and dkim records. They also do this sometimes.

Why? The US will soon pay you if you take anything from them if they continue like this.

Use the recommemded parameters: https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-argon2-04#page-11

Also consider WebauthN/Passkeys. They are much less ressource intensive on the server but useless to an attacker when the database is leaked and as such don’t rely on slowing down the crypto operations.

“The company currently exports Model 3 vehicles from Shanghai to the EU, while it produces the Model Y in Berlin.”

It’s right there in the article if anyone would care to read it.

Your first step will be learning to dry it and keep it dry. I can recommend a scale that can resolve to at least 0.1g so you can measure the weight loss while drying. This will help in seeing when it’s sufficiently dry (put it in dryer and weigh it every hour) and if it took moisture again.

There are so many VPN providers selling your data, being operated by the feds, operated by cybercriminals etc. it really doesn’t matter just as said in 8.

We better should’ve stayed at 640kB.

They will after

Room-scale DnD dungeons anyone?

It looks like there are multiple layers printed without feeding filament, which causes these frays to build up. Could it be that the filament clogs after this layer? Or do you see that filament still properly feeds later? This could happen for example due to heat creep and the filament getting too warm/soft in the extruder to properly feed or you trying to feed too fast.

Yes I know. We do simulations but we only measure who reports them and provide training how to report them (In the mail itself). No shaming for user who click them and no additional training on how to look at details.

It makes no sense training the user in looking at for example the links if all the big vendors use suspicious links anyway. For example the phishers use OneNote shares to phish, but those are hosted on Microsoft which by itself is legitimate. The only way a user really is able to recognize a phish is if it is unsolicited (report the mail as spam) or if it looks legit but asks for credentials (report it, we use SSO everywhere possible and you should never be asked for credentials for one of our platforms). We cannot do this for all vendors however and the users are encouraged and trained on using Passkeys or Autofill by the company provided password manager so that they get suspicious when no autofill is possible, then they can report the mail.

It’s not always possible to recognize phishing from the get go and security is better suited to investigate than rando from the logistics department.

Yes but the only relevant metric is how many reported it. Doesn’t matter if they delete, read, click or enter data. We’re only interested in the information that a phish got through our security controls (=we failed our users), so we can investigate (and clean up if needed) the impacted mailboxes and accounts.

The layoffs are finally paying off…

deleted by creator

However I can see when any IPv6 begins with 2a02:12xx:: then it’s Swisscom (biggest swiss ISP). But I can’t remember any of their hundreds of IPv4 prefixes.