Recently, Microsoft users received data breach notification emails, which, however, were marked as spam by Microsoft’s own security tools.
Email authentication has become a non-negotiable standard for companies and governments, as it prevents phishing, spoofing, ransomware, and other email-based cyberattacks. Email authentication protocols also raise alerts for modified email contents as these changes indicate tampering done by threat actors.
![Chinese Hackers Hijack Routers, US Stops Botfarm, Google Adds Passkeys – Cybersecurity News [July 08, 2024]](https://www.duocircle.com/wp-content/uploads/2024/07/sendgrid-alternative-5.jpg)
Here we are back again with cybersecurity’s latest covering the news that shook the world this week. We’ll take a look at Chinese hackers taking over SOHO routers for attacks, how the US DoJ shut down Russian bot accounts on X, the new passkeys for Google account protection, the Fujitsu data breach, and the compromise of personal and healthcare information of the City of Philadelphia. Stay tuned!
Google has always prioritized user safety and has designed the Google Critical Security Alert to warn users whenever a threat actor or unauthorized person tries to access your Google account. This security feature also alerts you if there is a login to your account from a new or unrecognized device, allowing you to deny access if you don’t recognize the device. You receive a notification on your primary device (in which the particular Google account is logged in), where you have to click on either of the options – ‘Yes, it’s me’ or ‘No, secure account.’ You may also receive this notification via email.
Email authentication protocols like the Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting, and Conformance (DMARC) are considered to be robust mechanisms to protect against cybersecurity threats such as spoofing and phishing. This is when you are sending emails from your domain, but when it comes to forwarding emails, these protocols fall short.
DMARC helps prevent spoofed emails from bypassing spam filtering, but it’s just one part of a broader anti-spam strategy. Not all DMARC reports are equal; some show detailed recipient responses, while others only indicate success or failure. Understanding why a message failed is as important as knowing if it did.
![Brain Cipher Ransomware, Infostealer Tracks Users, TeamViewer Russian Hackers – Cybersecurity News [July 01, 2024]](https://www.duocircle.com/wp-content/uploads/2024/07/anti-phishing-software-1.jpg)
Welcome back to our weekly bulletin, where we bring you the latest cybersecurity information so you can stay safe against the latest attacks and malicious campaigns. We’ll share details about the new Brain Cipher ransomware, how info stealers could track users linked to child abuse sites, the corporate attack on Team Viewer, the story of a scorned employee stealing patient healthcare data, and the latest crypto drainer phishing attack on Ethereum. Stay tuned!
A DKIM record is a DNS record in the TXT format that includes a public key that is used by recipients’ mail servers to verify the legitimacy of emails they receive from your domain. A standard DKIM record has a name, version, key type, and public key. Some domain owners think that creating a DKIM record requires hardcore technical expertise, but that’s not true, especially when it comes to generating a basic DKIM record. You just need to be an average tech user, and you will be able to create a DKIM record on your own.
Have you ever wondered how much more effective your marketing could be if you had the right email addresses? In 2023, email marketing delivered a return on investment (ROI) of $42 for every $1 spent, making it one of the most cost-effective marketing strategies available. Yet, sourcing accurate email addresses can feel like finding a needle in a haystack. Fear not! This guide will help you discover practical methods to build your email list with precision and efficiency.
Not all your emails pass authentication checks and other filters, thus returning with error codes. These codes help diagnose and understand issues that occurred during email transmission, letting you fix them and resend the message. For instance, it could indicate if the problem is due to incorrect credentials, a blocked email, or a temporary server issue. Some error codes indicate security-related issues, such as failed authentication attempts or detection of spam or phishing attempts.
You probably know by now that cybersecurity isn’t just about protecting your computers and data from threat actors, but it has broader implications that go as far as national security. Yes, it’s true! Case in point: the recent ban on Kaspersky antivirus software by the US government.
![LockBit Bank Data Deception, Snowblind Evades Detection, FBI Warns Crypto Scams – Cybersecurity News [June 24, 2024]](https://www.duocircle.com/wp-content/uploads/2024/07/phishing-protection.jpg)
This week’s cybersecurity bulletin is packed with news that’s making headlines around the world! We’ve got reports on a failed scare tactic by the LockBit ransomware gang, a new and sneaky Android malware called Snowblind, the FBI warning about fake law firms targeting crypto scam victims, a supply chain attack that backdoored WordPress plugins, and Chinese cyberspies using ransomware as a diversion. Read more below!
Email authentication protocols are the foundation of your email security strategy, and even the most seemingly insignificant error can mess up your deliverability and security. One such issue is an invalid DKIM signature, which means there are inaccuracies in your domain’s DomainKeys Identified Mail (DKIM) configuration.
The main purpose of DKIM is to verify whether a malicious entity tampered with email content in transit. To ensure this, a pair of public and private keys are produced for your domain and used by the source email systems to digitally sign the headers of outgoing messages. This digital signature remains valid until intermediate email systems modify the signed part. The d= value represents the signing domain in the header field.
Back in October 2023, Google released its revamped version of email-sending policies, which mandated bulk email senders to comply with the new authentication standards by February 2024. Cut to today: Google has now officially started rolling out these updated policies, and some organizations are receiving the following error message while sending emails:
DMARC, or Domain-based Message Authentication, Reporting, and Conformance is one of the most important email authentication protocols that helps protect your email domains from phishing, spoofing, and other email-based cyber threats. Perhaps this is why it has now become a norm for organizations that send bulk emails to comply with.
![Kraken Flaw Heist, CDK Cyberattack Hits, AMD Investigates Breach – Cybersecurity News [June 17, 2024]](https://www.duocircle.com/wp-content/uploads/2024/06/Office-365-to-Office-365-migration.jpg)
Don’t miss out on the latest cybersecurity scoop of the week! We’ll be covering the $3 million stolen from Kraken, the cyberattack that has affected thousands of US car dealerships, the AMD data leakage, fake Chrome errors installing malware on devices, and the cyberattack on the Toronto District School Board.
Mailchimp is a popular email marketing service that businesses use to create, send, and analyze email campaigns. If you also use Mailchimp, configuring SPF, DKIM, and DMARC will enhance your email deliverability and email security.
Flexible and dynamic SPF records are easier to manage and need less frequent updates. Such records are even more significant for organizations with an extensive email ecosystem as they allow scalable SPF configurations.
![Phishing Exploits Windows, CISA Scam Alert, Cleveland Cyber Response – Cybersecurity News [June 10, 2024]](https://www.duocircle.com/wp-content/uploads/2024/06/DMARC-report-check.jpg)
We’re back with cybersecurity’s latest in our latest news piece. This week, there were several cybersecurity threats, including phishing emails that exploit a weakness in Windows Search to deliver malware, impersonation scams by people pretending to be from CISA, a cyberattack that shut down many government services in Cleveland, a new kind of Windows malware called Warmcookie that spreads through fake job postings, and a blood shortage in London hospitals caused by a ransomware attack. Here’s everything about these!