Hello Alex,
If the account has approved api access, I might want those reissue too.
kjk
On 4/30/2025 6:29 PM, Alex Shakhov | SH Consulting via mailop wrote:
Access was granted through delegated access - only the account owner
has direct access to the original account. 2FA is enabled, passwords
are changed regularly, and the network is secured by a firewall device
that monitors traffic and blocks unauthorized access attempts.
While it’s technically possible that someone gained access to the
original account, it’s highly unlikely they would have stopped at
simply adding two CNAME records and modifying the SPF for a less
popular domain in the DNS - removing the DMARC record entirely would
have been a far easier and more damaging move.
Given access to over 400 domains, the potential for more serious
actions would have been substantial.
Best,
Alex
On Thu, May 1, 2025 at 12:17 AM John Levine <jo...@taugh.com> wrote:
It appears that Alex Shakhov | SH Consulting via mailop
<a@sh.company> said:
>DMARC p=reject. A follow-up review confirmed only two people (myself
>included) had DNS access, ...
How do you know that? Have you reset the passwords and not told
the other
person for now to try and figure out where the leak is?
Keep in mind it might not be deliberate, e.g. shoulder surfing or
a lucky
guessing attack.
R's,
John
*Over 2 million agents* are aiming for the inbox + mortgage,
insurance, and legal folks too. *Spam filters work overtime*... Peek
at your spam and imagine if all that landed in your inbox :D Getting
through isn’t easy, but SH Consulting knows the smart moves.
*Delivering 100 million+ real estate emails to inboxes* every month is
solid proof, huh?
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
