Patching a critical Exim vulnerability

On Friday the 24th of November a remote code execution vulnerability has been reported for Exim, a popular mail transfer agent for Unix-like platforms. The vulnerability has been found in the SMTP extension chunking (ESMTP CHUNKING), which has been introduced in Exim 4.88. It allows remote attackers to execute... [Read More]

Assumptions are the mother of all... failures

It’s a quite well established figure of speech with the average IT company and I hear it on several occasions during the average week. I often take it for granted that assumptions, and the following disasters, are directly related to human failure in assessing the situation correctly. However, today my... [Read More]

Protection against email spoofing: SPF, DKIM and DMARC

Email was developed in the early 1970s when the internet was still a research project with mainly university networks connected. It relies on the Simple Mail Transfer Protocol (SMTP), which is a protocol designed to transmit messages between systems. At the time when email was developed, security was not really... [Read More]

Managing data in a large, layered application

The API we are building consists of many different, and mostly independent (decoupled), layers (at least 7 before reaching the database). One of the only things that is required by all the layers is the data that is being retrieved or sent to the app. That data comes in... [Read More]

Protecting against ImageTragick using Ansible

On May 3rd, details were published about a vulnerability in ImageMagick, allowing remote code execution if you process user submitted images. Exploits for this vulnerability are being used in the wild. The following ansible playbook may be used to apply the policy file mitigation discussed on that website. If... [Read More]