Florian Bierhoff

Making IT stuff secure by design :heart_cyber: Level headed gamer :YoshiWave: Voluntary beta tester :dumpster_fire_gif:

Florian Bierhoffxdc33@infosec.exchange
2024-05-27

Am 12. Juni findet mein zweiter Vortrag im Rahmen der IT Security Talks statt. Diesmal stelle ich die in diesem Jahr neu erschienene BSI TR-03182 "E-Mail-Authentifizierung" vor und stehe dazu Rede und Antwort :drake_like: Alle die sich für die TR und Identitätsdiebstahl im E-Mail-Kontext interessieren sind herzlich eingeladen teilzunehmen :ablobowo:

itsa365.de/de-de/actions-event

#TeamBSI #EmailSecurity

Florian Bierhoff boosted:
2024-05-08

⭐ We are proud that we fulfil the BSI's requirements for consumer protection and security as an e-mail provider, once again.

mailbox.org/en/post/bsi-reconf

Florian Bierhoff boosted:
2024-05-08

🌟 Wir sind stolz darauf, dass wir die Anforderungen des BSI an den Verbraucherschutz und die Sicherheit als E-Mail-Provider erneut erfüllen.

mailbox.org/de/post/bsi-verlae

Florian Bierhoff boosted:
2024-05-06

also available in English:
Germany's BSI publishes detailed technical guidelines on e-mail authentication -- "Labels and certification make invisible security measures visible"
sidn.nl/en/news-and-blogs/germ

Germany's Bundesamt für Sicherheit in der Informationstechnik (Federal Office for Security in Information Technology, or BSI) has published technical guidelines on e-mail authentication. The purpose of TR-03182 Email Authentication is to promote the adoption of SPF, DKIM and DMARC, thus making mail more secure and fighting spam and phishing. Mail processors and service providers that comply with the guidelines can seek audit-based certification, while service users can ask prospective providers for proof of compliance as part of their procurement procedures.

#SPF #DKIM #DMARC #InternetSecurity #infosec
@bsi @xdc33

Florian Bierhoff boosted:
2024-05-06

op SIDN.nl: Duitse BSI publiceert uitgebreide technische richtlijn e-mailauthenticatie -- "Labels en certificering maken onzichtbare beveiligingsmaatregelen zichtbaar"
sidn.nl/nieuws-en-blogs/duitse

Het Duitse Bundesamt für Sicherheit in der Informationstechnik (BSI) heeft een technische richtlijn gepubliceerd voor e-mail authenticatie. Doel van de richtlijn 'TR-03182 Email Authentication' is om de adoptie van SPF, DKIM en DMARC te vergroten, daarmee de veiligheid van mail te verhogen, en spam- en phishing-berichten tegen te gaan. Mail-verwerkers en dienstverleners die aan deze richtlijn voldoen, kunnen hun compliance laten toetsen en certificeren. Gebruikers (klanten) kunnen deze richtlijn bijvoorbeeld gebruiken in hun aanbestedingseisen (door te vragen om een 'proof of compliance').

#SPF #DKIM #DMARC #InternetSecurity #infosec
@bsi @xdc33

Florian Bierhoff boosted:
Eugen RochkoGargron
2024-04-03

The fact that you can follow the president of the United States (@potus@threads.net) from your Mastodon account instead of being forced to have an X or Threads account for it is a huge W in my book. Of course our team is fully available to help if they'd want to set up Mastodon on whitehouse.gov. I believe governments should not rely on 3rd party platforms to connect with their constituents.

Florian Bierhoffxdc33@infosec.exchange
2024-03-26

@nebucatnetzer Very cool find!! Love it, when infosec that usually isn't suddenly becomes visible :ablobcool:

Florian Bierhoff boosted:
DW Innovationdw_innovation
2024-03-20

We started this account less than 6 months ago. It's going pretty well – thanks to you: 4.2k followers, lots of interactions, questions, and comments. 🎉

A couple of weeks ago, the European Broadcasting Union () asked us to write a guest article about our experience with / the , explain the basics, and point out the advantages. :mastodon:

Challenge accepted. 👍

So here's the finished post by @lxplm, hot off the press. ⌨️

🔽
ebu.ch/news/2024/03/public-bro

Florian Bierhoffxdc33@infosec.exchange
2024-03-14

@nerdfall a) Ja! B) Das hängt von der Konfiguration und den Fähigkeiten der beteiligten MTAn ab. Nicht alle schreiben das SPF-Prüfergebnis und die Prüfparameter in den Header. Gemäß dem RFC zu SPF wird das zwar empfohlen, ist aber keine Pflicht (Guck mal hier: rfc-editor.org/rfc/rfc7208#sec)

Florian Bierhoffxdc33@infosec.exchange
2024-03-14

Am 17. April stelle ich die aktualisierte BSI TR-03108 "Sicherer E-Mail-Transport" vor. Wer Interesse an einem ersten Einblick bzw. einem Update zu der TR hat, ist herzlich eingeladen :blobcatwavepeek:​

Ein IT Security Talk zur neu veröffentlichten BSI TR-03182 "E-Mail-Authentifizierung" ist auch schon geplant

itsa365.de/de-de/actions-event

#TeamBSI #EmailSecurity

Florian Bierhoff boosted:
Laura Manach :bongoCat:cmconseils
2024-03-09

And you wont change my mind.

Lisa Simpson meme with the text
PASTE WITHOUT FORMATTING SHOULD BE THE DEFAULT
Florian Bierhoff boosted:
MastodonMastodon
2024-02-29

In our latest for Android release, we're making it easier than ever to share profiles using QR codes, among a number of other usability improvements:

blog.joinmastodon.org/2024/02/

Florian Bierhoffxdc33@infosec.exchange
2024-02-22

Goodbye password 👋👋 Sony just added Passkeys to their PlayStation Network 🔐 #Passkeys #PlayStation #PSN
playstation.com/en-us/passkey/

Florian Bierhoffxdc33@infosec.exchange
2024-02-16

It's a wrap! 🌯 Our technical guideline "BSI TR-03108 (Secure Email Transport)" is now accompanied by "BSI TR-03182 (Email Authentication)" providing guidance for email services to protect their users against impersonation attacks like Spoofing and Phishing :flan_mask:​

bsi.bund.de/dok/tr-03182-en

#TeamBSI #EmailAuthentication #DNSSEC #DMARC #DKIM #SPF #SMTP #SMTPSmuggling

Client Info

Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst