When an email shows ‘SPF=fail’ but is not blocked by an antispam filter, it can be due to several reasons. Knowing and fixing the issue is important; otherwise, threat actors can exploit the security gap by sending fraudulent emails in your business’ name.
There is a default anti-phishing policy that is applied to all recipients, but it’s better to create custom policies for better protection. To configure the anti-phishing policies, you need to be assigned permissions in the Microsoft Defender portal. If you have the required permissions, you are good to go ahead and make modifications.
![Windows SmartScreen Exploited, Ransomware Leader Arrested, Russian Hacker Sentenced – Cybersecurity News [August 12, 2024]](https://www.duocircle.com/wp-content/uploads/2024/08/spf-record-check-1.jpg)
Here we are with cybersecurity latest with our news bulletin. This week, we’ll share all the info on the Windows SmartScreen flaw, the arrest of the Reveton ransomware cartel’s operator, the sentencing of a Russian cybercriminal who stole 300,000 login credentials, the details of the 3AM ransomware breach of Kootenai Health patient data, and fake alerts on X being used as clickbait. Let’s take a look!
Ever since Google and Yahoo rolled out new email-sending policies that mandate organizations that send bulk marketing emails every day to deploy DMARC (Domain-based Message Authentication Reporting and Conformance), organizations across the world have been quite proactive in meeting these new standards. The wave of DMARC adoption was such that over 800,000 new DMARC records were created by March 2024. And just like the rest of the world, organizations in Ireland also jumped on this bandwagon.
As per RFC, if an SPF record has more than 255 characters, then it will be invalid. This simply means that such an SPF record would give false positives and negatives– neither of them works in favor of your domain.
‘Quid pro quo’ is the Latin term that literally means ‘this for that,’ meaning a mutual exchange. Although the term itself doesn’t indicate an illegal act, threat actors leverage this social engineering tactic to offer something valuable or helpful in exchange for information or access to a system.
![Windows Update Exploit, Interpol Recovers $40M, Chrome Direct Payments – Cybersecurity News [August 05, 2024]](https://www.duocircle.com/wp-content/uploads/2024/08/dkim-record-check.jpg)
From the latest Windows update downgrade attack to the recovery of $40 million by Interpol, Google’s new website payment feature, the hack on the classroom management platform, and the US suing TikTok for violating child privacy laws, our weekly cybersecurity bulletin will share the top news that’s making headlines around the world.
Digital Operational Resilience Act (DORA) is a regulation by the European Union that came into force on January 17, 2023. It makes the financial institutions and entities within the finance sector more resilient towards fraud. It strengthens banks, insurance companies, investment firms, and other financial service providers to get back on their feet after major losses and disruptions.
Secure Email Gateways (SEGs) are like your email infrastructure’s personal security guards. They ensure only safe and legitimate emails go out from your company, keeping it protected from email-based attacks. The overall practice of deploying SEGs prevents the distribution of malware and phishing attempts through emails, instills trust in your clients and prospects, helps you stay compliant with industry standards, and, most importantly, wards off litigations and financial damages. (more…)
When it comes to ensuring the success of your email campaigns, something that is just as important as the content of the email is the trust it inspires in your recipients. The way the receivers and their mail servers perceive your emails tells a lot about your brand’s identity and credibility.
![TryCloudflare Malware Spread, FBI Scam Alert, Azure Outage Triggered-Cybersecurity News [July 29, 2024]](https://www.duocircle.com/wp-content/uploads/2024/08/spf-record-tester.jpg)
This week’s latest scoop in cybersecurity will take you to the TryCloudflare exploitation for deploying RATs, the new FBI warning about scammers impersonating crypto exchanges, the MS Azure outage details, new features on Google Chrome against infostealers, and the security gap in Whatsapp for Windows that allows threat actors to run malicious scripts without alerts. Stay tuned to learn more about these and how to stay safe!
A cyber-espionage group backed by North Korea has been sneaking into the vital intellectual property and technical information of the US. The group is a part of North Korea’s foreign intelligence service. From aerospace to defense, engineering companies to nuclear science, the group has been prying into critical infrastructures. (more…)
By now, you might have heard a lot about how DMARC reports are crucial for your organization to gain insights into your email traffic and learn how your authentication protocols are waging against phishing and spoofing attempts. They reveal the harsh truth, that is, not all emails claiming to be from your domain are legitimate. While you’re decoding DMARC reports, have you ever looked into the sources of these emails?
Email authentication isn’t simply about verifying senders; it’s about protecting your organization from phishing, spoofing, and other email-based attacks and, most importantly, ensuring that your email campaigns reach their intended recipients. An email authentication protocol that ticks all of these boxes is DMARC, or Domain-based Message Authentication, Reporting, and Conformance.
![Chrome Warns Users, KnowBe4 Hires Hacker, Greece’s Registry Attacked – Cybersecurity News [July 22, 2024]](https://www.duocircle.com/wp-content/uploads/2024/07/email-migration-service.jpg)
This week’s cybersecurity updates include the latest Google Chrome malicious file alerts, the story of KnowBe4 hiring a North Korean Hacker, the 400 cyberattacks on the Greece Land Registry, US Sanctions on Russian Hackers targeting critical infrastructure, and threat actors taking advantage of fake CrowdStrike updates. Stay tuned!
You wonder what can a malicious actor do with your email and no password? Well, a lot!
The SPF delegation method is for domain owners who authorize an external email server to send emails on their behalf without having them fail the email authentication checks. This requires you to make some alterations to the existing SPF record.
The risk of cybercriminals intercepting your emails and tampering with them is perpetual. But there’s a way to mitigate this risk and make sure that your emails are delivered unaltered without any malicious interference. Implementing DKIM or DomainKeys Identified Mail is your masterstroke against email tampering and spoofing. It relies on cryptographic techniques to sign your emails, allowing recipients to verify that they truly originate from your domain and have not been messed with.
![Trello Emails Leaked, Malware Domains Registered, Kaspersky Exits USA – Cybersecurity News [July 15, 2024]](https://www.duocircle.com/wp-content/uploads/2024/07/spf-permerror.jpg)
Here’s an inside look at the latest cybersecurity news covering the 15 million emails stolen from Trello, Kaspersky’s exit from the U.S., what Revolver Rabbit is doing with 500,000 domains, the AT&T Data Breach, and info-stealer malware being distributed via Facebook ad campaigns. Let’s take a look!
Threat actors bypass DKIM authentication checks with the DKIM replay attack technique. This allows them to attain a copy of a valid email and replay it with additional or replaced From, To, or Subject headers. As the original DKIM signature is valid, the replayed version also passes the DKIM authentication checks. This way, even phishing and spoofing emails land in the recipients’ inboxes instead of spam folders.