How BIMI Avoids Unauthorized (or Fraudulent) Use of Logos

BIMI

BIMI, which stands for Brand Indicators for Message Identification, is an email security standard that displays the brand logo next to authenticated emails, allowing email users to recognize and avoid fraudulent messages. DMARC (Domain-based Message Authentication, Reporting & Conformance) is an email authentication protocol used to ensure that the organization’s domain has not been spoofed.

BIMI is built on DMARC, which is used with SPF and DKIM. DKIM (DomainKeys Identified Mail) relies on cryptography to ensure that the email messages you send are not modified in transit, whereas SPF (Sender Policy Framework) is a form of email authentication that specifies which IP addresses may send email for your domain and checks that messages originate from them.

A BIMI checker is easy to use: your domain name is the input, and you get the results instantly.

Although it is not mandatory to use BIMI, it is good practice: your domain is protected, which gives users and recipients peace of mind that the messages they receive are authenticated.

With BIMI security in place, there is no way that cyber-attacks such as phishing or spear-phishing would jeopardise the system. In July 2021, the search giant Google officially rolled out BIMI for all Gmail inboxes.

Currently, BIMI is supported by the following mailbox providers:

  • Fastmail
  • Proofpoint
  • Verizon Media (Yahoo!, AOL)
  • Google

If the email is legitimate, the company logo is displayed in the email inbox with the help of a BIMI record, which is a type of DNS TXT record.

How BIMI works

Organizations that use BIMI to authenticate their emails have to use Sender Policy Framework (SPF) or DomainKeys Identified Mail (DKIM), apply DMARC, and provide their validated trademark logo via a Verified Mark Certificate (VMC). BIMI makes sure that your organization has adopted DMARC and that you have validated your logo with a VMC. VMCs are issued by two BIMI-qualified Certification Authorities: DigiCert and Entrust Datacard.

Requirements to join BIMI

BIMI builds brand trust, and to be a part of BIMI the following conditions need to be met:

  • The recipient’s domain needs to be DMARC authenticated.
  • The recipient’s owner needs to obtain the right certification.
  • A standing history needs to be maintained.

Frequently Asked Questions (FAQ)

Ques 1. What is BIMI?

Ans 1. BIMI, which stands for Brand Indicators for Message Identification, is an email security standard that displays the brand logo next to authenticated emails, allowing email users to recognize and avoid fraudulent messages.

Ques 2. Why is it important to have BIMI?

Ans 2. To protect your brand and consumers from fraudulent messages, it is important to have strong email authentication and identification.

Ques 3. What is the BIMI record?

Ans 3. It is a type of DNS TXT record that is used to record and display brand logos within recipients’ inboxes.

Ques 4. What is BIMI Radar?

Ans 4. BIMI Radar is used to track the DMARC readiness and the adoption of BIMI with companies and organizations’ domains worldwide on a daily basis.

Ques 5. How to set up DMARC?

Ans 5. To understand how to set up DMARC, you need to click here

Ques 6. How to set up a BIMI txt record?

Ans 6.  To understand how to set up a BIMI txt record, you need to click here

Ques 7. What are the steps to implement BIMI for your emails?

Ans 7. The steps involved in implementing BIMI for the emails are:

  1. Implement SPF and DKIM
  2. Implement DMARC with the enforcement policy
  3. Publish a BIMI record

Ques 8. Which tools are used to check BIMI?

Ans 8. The easiest way to check BIMI is with a BIMI lookup tool, which can be chosen from BIMI Group, MX Toolbox, Agari and Valimail.

Ques 9. Which email providers support BIMI?

Ans 9. BIMI is supported by the following mailbox providers:

  • Fastmail
  • Proofpoint
  • Verizon Media (Yahoo!, AOL)
  • Google

Ques 10. What is the reason for the BIMI logo not appearing in emails?

Ans 10. To make sure that the BIMI logo appears in emails, first make sure that you have an enforced DMARC policy (p=quarantine or p=reject) and, for Gmail, make sure you have a valid VMC.
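The implementation steps in Ans 7 and the troubleshooting conditions in Ans 10 can be checked mechanically against the published records. The following is an added example, not code from any BIMI tool: it takes the TXT record strings as input (normally published at `_dmarc.<domain>` and `default._bimi.<domain>`), the `example.com` records are constructed, and the `pct` check goes beyond what this page states.

```python
# Added example: offline BIMI readiness check on DNS TXT record strings.
# Function names and the sample records below are constructed for illustration.

def parse_tags(txt):
    """Split a 'tag=value; tag=value' TXT record into a dict."""
    tags = {}
    for part in (txt or "").split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def bimi_problems(dmarc_txt, bimi_txt):
    """Return the reasons a logo would not be shown; [] means ready."""
    problems = []

    dmarc = parse_tags(dmarc_txt)
    if dmarc.get("v", "").upper() != "DMARC1":
        problems.append("no DMARC record")
    else:
        policy = dmarc.get("p", "").lower()
        if policy not in ("quarantine", "reject"):
            problems.append("DMARC policy not enforced (p=%s)" % (policy or "missing"))
        # Beyond the page: BIMI guidance also expects pct=100 with quarantine.
        pct = dmarc.get("pct", "100")
        if policy == "quarantine" and (not pct.isdigit() or int(pct) < 100):
            problems.append("p=quarantine with pct below 100")

    bimi = parse_tags(bimi_txt)
    if bimi.get("v", "").upper() != "BIMI1":
        problems.append("no BIMI record")
    else:
        logo = bimi.get("l", "").lower()
        if not logo.startswith("https://"):
            problems.append("logo location (l=) missing or not HTTPS")
        elif not logo.split("?")[0].endswith(".svg"):
            problems.append("logo (l=) is not an SVG file")
        # The a= tag points at the Verified Mark Certificate (VMC).
        if not bimi.get("a", "").lower().startswith("https://"):
            problems.append("no VMC location (a=); required for Gmail")
    return problems


# Constructed sample records for the placeholder domain example.com.
READY = (
    "v=DMARC1; p=reject; rua=mailto:dmarc@example.com",
    "v=BIMI1; l=https://example.com/brand/logo.svg; a=https://example.com/brand/vmc.pem",
)
NOT_READY = (
    "v=DMARC1; p=none; rua=mailto:dmarc@example.com",
    "v=BIMI1; l=https://example.com/brand/logo.svg",
)

if __name__ == "__main__":
    for name, (dmarc_txt, bimi_txt) in (("ready", READY), ("not ready", NOT_READY)):
        print(name, "->", bimi_problems(dmarc_txt, bimi_txt) or "OK")
```

A record pair that passes these checks still depends on the mailbox provider validating the VMC itself, which this sketch does not do.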

If you want to know more about it, then just drop an email to info@doctoolss.com or contact the undersigned.

About DocTooLss:

“We make Technology EaZy via Docs”

Follow us @doctools8 | Website: www.doctoolss.com| Tumblr: https://www.tumblr.com/blog/doctoolss | Medium: https://medium.com/@doctoolss| Facebook: https://www.facebook.com/DTdoctoolss/| Linkedin: https://www.linkedin.com/in/doc-tools-a302311a9/ | WordPress: https://doctoolss.wordpress.com/

What is Operational Technology (OT) Security Monitoring

Introduction

Operational Technology (OT) is the practice of using hardware or software to control physical processes, devices and infrastructure. It includes systems that are used in manufacturing, energy, medicine, building management, and other industries.

OT monitors and manages industrial processes and manufacturing equipment and keeps them running.

Components for OT

  • Industrial Control System (ICS)

ICS are the main component of OT and include different types of devices, systems, controls, and networks that manage a variety of industrial processes.

  • Supervisory Control and Data Acquisition (SCADA)

SCADA is a system that collects data from sensors, often at distributed sites, and sends it to a central computer that manages and controls the data.

Challenges for OT security

  • Lack of risk mitigation and remediation
  • Lack of awareness among OT staff
  • Hard to test production environments
  • Limited security awareness
  • Limited patching

How IT is different from OT Network Solution

IT mainly focuses on user experience, transmission performance, and ease of operation based on standards. Secondly, IT focuses on integrity, system availability and confidentiality, whereas OT focuses on the safe operation of plants, with reliable data transmission for time-critical applications, and also controls equipment, information technology and data.

IT Requirements
OT Requirements

Products of Operational Technology (OT)

Following are the products of OT marketed by different companies:

  • Products In Operational Technology (OT) Security Market by Darktrace
  • Nozomi Networks Guardian by Nozomi Networks
  • Kaspersky Industrial CyberSecurity (KICS) by Kaspersky
  • BOTsink by Attivo Networks
  • Symantec Endpoint Security Symantec Endpoint Security
  • Check Point Advanced Endpoint Threat Detection by Check Point Software Technologies
  • Thales Luna Network HSM by Thales (Gemalto)

Note: The above information has been taken from the Gartner website on operational technology security; click here

Major OT systems attacks

  • 2017 Petrochemical facilities Middle East
  • 2016 Energy company Europe
  • 2016 Dam attack USA
  • 2015 Power company Ukraine
  • 2014 Steel mill Germany
  • 2010 Nuclear facilities Iran


News coming from INDIA “No Ban on Crypto but will be regulated”

There is a lot of buzz going around in the crypto market, and here is something that many crypto investors were waiting to hear while holding their breath.

The Indian panel court is NOT banning cryptocurrency. Yes, you heard it right: there is “No Ban on Crypto”, but it will be regulated by none other than the SEBI government body.

The Cryptocurrency and Regulation of Official Digital Currency Bill, 2021 brings regulation, not a ban, industry sources told the Indian Electronic Media.

The following 10 points make up “The Big Story”:

It was learnt on Tuesday that the Centre could bring a Bill in the winter session of Parliament to bar all cryptocurrencies in India, barring a few exceptions, and create a framework to regulate digital currency issued by the Reserve Bank of India (RBI).

In response, all major digital currencies saw a fall of around 15 per cent and more, with Bitcoin down by around 18.53 per cent, Ethereum fell by 15.58 per cent, and Tether down by 18.29 per cent.

But as the news of regulation, not ban, came out, markets seem to be stabilising.

India has had a hot-cold relationship with crypto. The RBI had banned it in 2018, voicing “serious concerns” about private cryptocurrencies.

Then the Supreme Court of India lifted the ban in 2020, and now in 2021 negotiations are on between industry stakeholders and the Centre to bring in a regulation that will put corrupt practices in check.

According to Blockchain and Crypto Assets Council, India holds about ₹ 6 lakh crore in crypto assets.

Last week, the Standing Committee on Finance, chaired by BJP member Jayant Sinha, met the representatives of crypto exchanges, blockchain and Crypto Assets Council (BACC), among others, and arrived at a conclusion that cryptocurrencies should not be banned, but it should be regulated.

Delivering a keynote address at the Sydney Dialogue on November 18, Prime Minister Narendra Modi had urged all countries to ensure that cryptocurrency does not “end up in the wrong hands”.

Private digital currencies have gained popularity in the past decade or so. However, regulators and governments have been sceptical about these currencies and are apprehensive about the associated risks.

Recently, there have been a rising number of advertisements promising easy and high returns on investments in cryptocurrencies, amid concerns over such currencies being allegedly used for luring investors with misleading claims.

Sources: NDTV News : click the link for more information.

If you want to know more about what’s happening in the world of Crypto, then stay connected with DocTooLss , or just drop an email to info@doctoolss.com or contact the undersigned.


SPLUNK..!!!!

Whenever we are in a group surrounded by cyber experts, somewhere or other the discussion turns to a tool known as SPLUNK. Some of us get goosebumps and don’t understand what this Greek is all about; either we start turning back the pages of our mind or, mostly, we Google it.

So here we explain in gist what exactly SPLUNK is:

SPLUNK

What is Splunk?

Splunk is a tool that is used for monitoring, searching, analyzing and visualizing machine-generated data in real-time. It helps improve velocity, quality and the business impact of app delivery. It is commonly used for information security and development operations and more advanced use cases for custom machines, the Internet of Things, and mobile devices.

How does it work?

It indexes and correlates information in a container, which makes the data searchable and makes it possible to generate alerts, reports, and visualizations.

What is Splunk in DevOps?

For IT teams adopting DevOps, Splunk software helps improve velocity, quality, and app delivery’s business impact.

Splunk Products

Splunk is available in three different versions.

  • Splunk Enterprise
  • Splunk Light
  • Splunk Cloud

Splunk Processing Components


What is SIEM vs SIAM?

SIEM vs SIAM

SIEM: Security Information and Event Management (SIEM) is a software solution that aggregates and analyzes activity from many different resources across your entire IT infrastructure.

How does SIEM work?

It works by collecting log and event data generated by an organization’s applications, security devices and host systems and bringing it together into a single centralized platform. SIEM gathers data from antivirus events, firewall logs and other locations; it sorts this data into categories, for example malware activity and failed and successful logins.

A SIEM tool identifies threats through network security monitoring: it generates an alert and assigns a threat level based on a predetermined rule set. For example, if a user tries to log into an account 10 times in 10 minutes that is okay, but 100 times in 10 minutes might be flagged as an attempted attack.

In this way, it detects threats and creates security alerts. SIEM’s custom dashboards and event management system improve investigative efficiency and reduce time wasted on false positives.
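The login rule described above (10 attempts in 10 minutes is fine, 100 is flagged) is a sliding-window threshold. The following is an added example, not code from any SIEM product: the log line format, user names and the choice to count failed logins are assumptions, and the events are constructed.

```python
# Added example: sliding-window login-failure rule over constructed log lines.
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)   # rule window from the text
THRESHOLD = 100                  # attempts within the window that raise an alert
BASE = datetime(2021, 11, 20, 9, 0, 0)


def parse_event(line):
    """Parse '<ISO timestamp> <ACTION> key=value ...' (hypothetical format)."""
    ts, action, *fields = line.split()
    kv = dict(f.split("=", 1) for f in fields)
    return datetime.fromisoformat(ts), action, kv.get("user")


def detect_bruteforce(lines, threshold=THRESHOLD, window=WINDOW):
    """Return one alert per user whose failures reach the threshold in the window.

    Assumes the lines arrive in time order, as they would from an indexed store.
    """
    recent = defaultdict(deque)   # user -> timestamps still inside the window
    alerted, alerts = set(), []
    for line in lines:
        ts, action, user = parse_event(line)
        if action != "LOGIN_FAILED" or user is None:
            continue
        q = recent[user]
        q.append(ts)
        while ts - q[0] > window:          # drop attempts older than the window
            q.popleft()
        if len(q) >= threshold and user not in alerted:
            alerted.add(user)              # alert once, not on every later event
            alerts.append({"user": user, "count": len(q), "first": q[0], "last": ts})
    return alerts


def sample_log():
    """Constructed events: alice is normal, bob is hammered, carol is slow."""
    lines = []
    for i in range(10):     # 10 failures in 10 minutes: below threshold
        lines.append(f"{(BASE + timedelta(minutes=i)).isoformat()} LOGIN_FAILED user=alice src=10.0.0.5")
    for i in range(100):    # 100 failures in under 9 minutes: should alert
        lines.append(f"{(BASE + timedelta(seconds=5 * i)).isoformat()} LOGIN_FAILED user=bob src=10.0.0.9")
    for i in range(100):    # 100 failures spread over 100 minutes: no alert
        lines.append(f"{(BASE + timedelta(minutes=i)).isoformat()} LOGIN_FAILED user=carol src=10.0.0.7")
    lines.append(f"{BASE.isoformat()} LOGIN_OK user=alice src=10.0.0.5")
    return sorted(lines)    # ISO timestamps sort chronologically


if __name__ == "__main__":
    for alert in detect_bruteforce(sample_log()):
        print(alert)
```

The carol case shows why the window matters: the same total count spread over a longer period never trips the rule.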

The threat detection element itself can help to detect threats in emails, cloud resources, applications, external threat intelligence sources and endpoints. This can include user and entity behaviour analytics (UEBA) which analyzes behaviours and activities to monitor for abnormal behaviours which could indicate a threat. It can also detect behaviour anomalies, lateral movement and compromised accounts.

Main features of SIEM

  • Threat Detection
  • Investigation
  • Time to respond

SIAM: Service Integration and Management (SIAM) is an approach to managing multiple suppliers of services (business services as well as information technology services) and integrating them to provide a single business-facing IT organization.


CHINA Passes Personal Information Protection Law (PPPL)

Personal Information Protection Law (PPPL)

On 20th August 2021, China’s Standing Committee of the National People’s Congress passed the Personal Information Protection Law (PPPL). This is China’s first comprehensive data protection law.

The law is modelled on other jurisdictions’ omnibus data protection regimes, including the EU General Data Protection Regulation (“GDPR”). The GDPR (Regulation 2016/679) is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area that also addresses the transfer of personal data outside the EU and EEA.

This law supports the country’s efforts to regulate cyberspace and is expected to add more compliance requirements for companies in the country. It states that the handling of personal information must have a clear and reasonable purpose and shall be limited to the “minimum scope necessary to achieve the goals of handling” data.

It also lays out the conditions under which companies can collect personal data, including obtaining an individual’s consent, as well as guidelines for ensuring data protection when data is transferred outside the country.

This law is effective from November 1st, 2021. For more information, click here.

DocTooLss

We at DocTooLss hold AWS & Azure certifications and, day in and day out, keep ourselves well versed in the ongoing AWS & Azure cloud services.

We can even assist our clients in understanding the cloud and the services it provides, so there is no need to go anywhere else or pay a huge amount of money to big online educational institutions. Just drop an email to info@doctoolss.com or contact the undersigned.


STRRAT data-stealing malware now posing as a Ransomware…!!

Malware Attack

Amid the global pandemic comes a new series of tweets from the OS giant Microsoft, warning of a “massive email campaign that’s pushing the Java-based STRRAT malware to steal confidential data from infected systems while disguising itself as a ransomware infection.”

STRRAT is a Java-based remote access tool which steals browser credentials, logs keystrokes and takes remote control of infected systems, all typical behaviors of RATs, MSI researchers described in documentation posted on GitHub about the malware.

The malware has a unique feature: a “ransomware encryption/decryption module” that changes file names in a way that would suggest encryption is the next step.

How does it cause damage?

Attackers used compromised email accounts to send several different emails. Some of the messages use the subject line “Outgoing Payments.”

STRRAT first emerged in the threat landscape in June 2020, when the Windows malware (version 1.2) was observed in phishing emails containing malicious Jar (Java Archive) attachments.

For more information on these, click here


What is EC2 Image Builder?

EC2 Image Builder is a fully managed AWS service that makes it easier to automate the creation, management, and deployment of customized, secure, and up-to-date “golden” server images that are pre-installed and pre-configured with software and settings to meet specific IT standards.

The guided steps by EC2 Image Builder:

  • Provide starting artifacts
  • Add and remove software
  • Customize settings and scripts
  • Run selected tests
  • Distribute images to AWS Regions

Features of EC2 Image Builder

  1. Increase productivity and reduce operations for building compliant and up-to-date images
  2. Increase service uptime
  3. Raise the security bar for deployments
  4. Centralized enforcement and lineage tracking
  5. Simplified sharing of images across AWS accounts

For more information, click here

IoT the Next CobWeb

In today’s world, where we are breathing through masks because of the pandemic and almost everyone is working from home, businesses need to be automated. In a real business scenario with a technical glitch or a bearing failure, the service technician would file a complaint by raising a ticket manually on a tablet or laptop. With IoT, the oil well is fitted with sensors for finer-grained monitoring, and the data and analytics reach the conclusion that there will be a bearing failure in future. The automation then creates a ticket automatically, detecting the problem through IoT and remediating it through choreography.

As per Gartner, by 2024, 50% of enterprise applications in production will be IoT-enabled. Many applications will be connected to IoT as companies have connected IoT to their back-end systems.

The benefits and spread of IoT:

  • IoT enables your business applications to improve how you perform your business.
  • By 2023, 35% of midsize to large enterprises will leverage a hybrid cloud-to-edge computing deployment model for at least one IoT project.
  • By 2023, 25% of on-site industrial assets will be connected by closed-loop systems using IoT technologies.

Source: Gartner survey

Some of the IoT devices to be used:

  • BrainCube by Brain Cube
  • Kloudq IIoT by Kloudq Technologies
  • PTC ThingWorx by PTC
  • Oracle IoT cloud by Oracle
  • Azure IoT
  • IBM Watson IoT by IBM

For more information on these devices, click here
