The lack of DNSSEC is a problem that affects a large number of domains worldwide. It is a very powerful security feature, but its adoption has not been as widespread as one might expect. In fact, the SIDN indicates that, as of October 2024, only about 5% of .com domains were signed with DNSSEC. Considering […]
The Lack of DNSSEC Explained: Risks, Barriers, and Solutions Read More »
The Domain Name System (DNS) is one of the fundamental components of the Internet, since it has the task of converting human-readable domain names into IP addresses that computer systems can interpret. But just how important is this exactly? To get an idea, Vercara’s UltraDNS platform processed 41.97 trillion DNS queries in 2023 alone, averaging
DNS Pointing to Local IPs: What It Is, How It Works, and Why It Matters Read More »
The Model Context Protocol (MCP) is quickly becoming the go-to way to connect AI models with real tools and data. Think of it as the “USB-C of AI,” a simple, flexible plug-in system that just works. The protocol’s real-world traction is undeniable: as of mid‑2025, over 5,000 active MCP servers are listed in the Glama
MCP Server Hardening: How to Secure MCP Servers in Production Read More »
SPF misconfigurations are a serious issue that can have far-reaching consequences, from damaging a brand’s reputation to causing financial losses and even legal complications. Despite being a relatively small technical detail, an incorrectly set up SPF record can create big problems. One of the key best practices is using the -all mechanism in SPF records,
Protecting Your Domain Against SPF Misconfigurations Read More »
MX misconfigurations aren’t exactly breaking news. They’re a common issue that users deal with on a daily basis. When your MX (Mail Exchange) records aren’t properly set up, it can create serious problems, not just in terms of email delivery, but also for the overall security of your domain. According to data from 2IP.io, Google
Cybersecurity flaws come in many forms. While most affect operating systems, libraries, or web apps, some go after a less obvious but equally critical target: DNS servers. Over the years, several CVEs affecting DNS servers have been discovered, and some of them rank among the most serious security risks out there. DNS is what makes
Attackers aren’t just sending sketchy links anymore; they’re crafting subdomains that look almost identical to real websites, called phishing subdomains. It’s not just a trick; it’s a tactic designed to fool even the most cautious users. So the question is: how dangerous has phishing become? Let’s check out some stats to answer that. According to
SSL/TLS encryption is critical for securing online communication, but even small configuration mistakes can expose your site to significant vulnerabilities. For example, 71% of organizations reported SSL/TLS-related attacks last year. According to OWASP, in 2021 for example, 90% of applications were tested for some form of misconfiguration. Let’s explore the top 20 SSL/TLS misconfigurations, the
Top 20 SSL/TLS Misconfigurations You Need to Avoid Read More »
If you’ve ever played with web servers, dug into browser dev tools, or optimized a website’s security and performance you’ve probably run into HTTP headers. Among the most common headers, we can find HSTS, used by almost 3500 of the top 10,000 websites in the world, according to the current data provided by Built With.
Security is more important than ever, new threats are emerging daily in the internet world. Have you ever wondered how web browsers protect your data integrity when you visit different websites? Meet Cross-Origin-Resource-Policy (CORP), a cool tool to secure your online data. Cross site requests are a big part of web security, especially in the
Cross-Origin-Resource-Policy (CORP) Configuration Guide Read More »
