Tag: security

• Snyk is shutting down the securityheaders.com API

  

  For many in the web security community, securityheaders.com has been a familiar and trusted tool for years. Originally created by Scott Helme, it helped raise the baseline for HTTP security headers across the web, not through flashy reports, but by making the right things visible and measurable. Over time, the project evolved: In April 2025,…

  Joe Tiedeman

  2026-01-22

  Cybaa, security

  security, technology, cybersecurity

• Why You Should Enable Apple’s Stolen Device Protection Today

  

  Smartphones have become far more than communication devices – they’re the keys to our digital lives. Banking apps, email, photos, passwords, health data, even the ability to unlock your front door or car – all of it may be accessible through your iPhone. That makes losing it to theft or opportunistic “shoulder surfing” more dangerous…

  Joe Tiedeman

  2025-10-03

  security

  Apple, cybersecurity, iphone, security, technology

• Why Domain Monitoring is Essential for Microsoft Entra Security

  

  When we think about protecting Microsoft Entra tenants, the conversation often revolves around user identities, conditional access, and multi-factor authentication. Those are all critical – but one piece is often overlooked: verified domains. These domains are the foundation of your organisation’s identity. They determine how email flows, which services are trusted, and ultimately, how people…

  Joe Tiedeman

  2025-09-08

  Cybaa

  azure, Cybaa, cybersecurity, Email, Microsoft, security, technology

• Don’t let your domains dangle in Microsoft 365

  

  Expired Domains in Microsoft 365: A Hidden Backdoor to Your Tenant Microsoft 365 tenants typically use custom verified domains (like cybaa.io) for user identities and email addresses. Over time, domains may be retired, perhaps after a rebrand, acquisition, or project sunset, and their registrations allowed to expire. If such expired domains remain listed as verified in…

  Joe Tiedeman

  2025-06-07

  Uncategorized

  azure, cloud, cybersecurity, entra, Microsoft, security

• mx.microsoft is coming!

  Microsoft is gearing up for a significant shift in its email security infrastructure, replacing the familiar “mail.protection.outlook.com” with a new set of subdomains under mx.microsoft. This exciting move, starting in March 2024, brings with it a powerful security duo: SMTP DANE and DNSSEC. But before you dive into technical details, let’s unpack what this means…

  Joe Tiedeman

  2024-02-23

  Uncategorized

  Email, Microsoft, MX, Office 365, security