Since Mailgun’s early days, we’ve made a point to ensure that our senders could send their emails as securely as possible. When we announced TLS support in 2014, we did this with the customer in mind, and we continue to do so now as we move to deprecate TLS 1.0 and 1.1 in favor of the more secure TLS version 1.2.
Mailgun takes the security of our users’ accounts very seriously, and when it comes to a compromise of an account - no one is having any fun. With so many things that can contribute to an account compromise, we took a step back to look at the various attack vectors used by bad actors trying to gain access to accounts.
Here at Mailgun, we take cybersecurity extremely seriously. When it comes to our customers’ emails, a compromised account can mean compromises for their end-users as well.
In case you need a refresher, phishing emails are emails that spoof legitimate businesses to gain your personal information. These emails lead to a landing page that asks you to input your personal data like your login or social security number, thus collecting your info.
We talk a lot about security around here at Mailgun, but what exactly do we do about it? Besides features like 2FA and teaching users how phishers get your personal information; we want people to help us shore up our backend, too. That’s why today we’re happy to announce our public bounty offerings with Bugcrowd.
Did you know that an overwhelming majority of the email going around the interwebs each day is spam? You may ask yourself, “Why do people spam?” The short answer is, it’s lucrative.
We’re not going to beat around the bush – phishing sucks. It sucks to fall for a phishing attempt, and it sucks to have phishers pose as you. We can go on and on about how to protect yourself from phishing (and don’t worry, we will by the end of this post), but we stopped and thought – have we ever talked about how phishing happens from our perspective?
Everyone hated the privacy policy email armageddon, businesses included. Not because some of their emails were going straight to spam, but because a lot of businesses had to take a second look at their security measures. Revamping security measures can suck – but losing a ton of personal information is the absolute worst. What can we do?
There are only a couple things worse than mall shopping on Christmas Eve. Your holiday party getting crashed by really bad guys Your account getting compromised by a malicious spammer For number 1, there’s Bruce Willis.
Hour 0: Well, I never thought this would happen, but my password was leaked. My account has been compromised, and my services have been interrupted. This is bad.
Mailgun is making several changes to our domain verification requirements, which will go into effect in two separate phases. This blog post contains a list of steps that you can reference to help you determine if you need to make any changes to your configuration to continue using the service.
Running your infrastructure in a secure configuration is a daunting task even for security professionals. This guide provides practical advice to help engineers build up infrastructure following security best practices so that they can confidently deploy their services to the public Internet and lower their chances of being compromised. This guide specifically targets Linux based systems; however, the best practices apply to all computer systems.
