In 1989, a group of unsuspected attendees at a World Health Organization conference received around 20,000 floppy disks. This incident went down in history not because of any scientific breakthroughs but because it heralded an all-new era in cybercrime—ransomware. Fast-forward to today, and ransomware attacks have transformed into a billion-dollar criminal enterprise, targeting not only the big giants but also small businesses and individuals.
What is DNS and why is it the backbone of the internet?
by DuoCircle
DNS stands for Domain Name System, which is often referred to as the phonebook of the internet. Just as a phonebook helps you know the phone number of a person or organization, DNS also lets you know the IP address of a website. It’s complicated to remember the numeric and alphanumericIP addresses of so many websites; that’s why you just type the name of the website in your browser’s search bar, and DNS steps in to retrieve the IP address corresponding to the website so that you land on the desired webpages.
Iranian Cyber Threats, October Patch Updates, China Infiltrates Wiretap – Cybersecurity News [September 30, 2024]
by DuoCircle
We’re back to provide you with the latest cybersecurity news of the week. This week, we dive into a joint warning from CISA and the FBI about Iranian-backed cyber activity aimed at undermining US democratic institutions. Microsoft’s Patch Tuesday for October 2024 addresses a range of critical vulnerabilities. We’ll also discuss the alarming report that China has infiltrated police wiretap systems, Sellafield’s hefty fine for cybersecurity breaches, and how gamers are tricked into downloading Lua-based malware through fake cheating script engines. Let’s explore each of these developments in detail.
Email deliverability is one of the primary factors in deciding whether your day-to-day emails and specially curated email campaigns will land in your inboxes or get marked as spam. There could be several reasons your email deliverability is low, including the “550 5.7 0 Email Rejected Per SPF Policy” error code.
What are email feedback loops and how do they work?
by DuoCircle
Email feedback loops are the significant mechanisms that notify senders about spam complaints. Your sender’s reputation plays a huge role in deciding whether a recipient’s mailbox will place your email in the inbox or spam folder or reject its entry. This is where email feedback loops step in and help you monitor your complaint rates so that you can take corrective measures for protecting and improving your domain’s sender reputation. Some of the common corrective measures are changing the way you write email content, using a better subject line, removing dormant subscribers from the list, providing an easy one-click unsubscribe option, etc.
Learning to avoid breaking up the Google Workspace DKIM setup
by DuoCircle
Enabling DKIM on Google Workspace is a two-step process but most people stop after completing the first one only. If that’s what you have also done, then please know that in such scenarios, DKIM and DMARC will function normally, and there won’t be any impact on email delivery, failing to complete the second step will compromise your email security. However, DKIM will fail to authenticate emails using your custom domain, causing communication problems at multiple levels.
We’re back to provide you with the latest cybersecurity news of the week, designed to keep you informed and secure against evolving threats. This week, we delve into Microsoft’s identification of Storm-0501 as a critical player in hybrid cloud ransomware attacks, a new HTML smuggling campaign distributing DCRat malware to Russian-speaking users, CISA’s release of a new toolkit for K-12 schools to address anonymous threats, a recently patched but less severe vulnerability in CUPS, and NIST’s revisions to identity and password guidelines. Furthermore, let us now go through the details of each story.
A guide to detecting DMARC problems using the pentesting techniques
by DuoCircle
While DMARC has proven its ability to keep spoofing and phishing attacks at a distance, DMARC records can have errors and misconfigurations. So, if you are seeing multiple instances of false positives, false negatives, delivery issues, etc., then it’s suggested that you check your DMARC record to see if it has issues. This can be done by running your DMARC TXT record through an online lookup tool. You can also come across errors and misconfigurations using penetration testing.
DMARC is based on three policies: none, quarantine, and reject. As a domain owner, you have the choice to apply one of these three policies for illegitimate emails sent from your domain. However, sometimes, receiving servers don’t respect the policy you applied; they adjust the policy according to what seems to be better for the emails sent from your domain.
Microsoft’s recent updates empower domain owners to combat modern phishing attacks using DMARC
by Duocircle
Microsoft has always encouraged domain owners to deploy DMARC to improve email deliverability and prevent spoofing. It has also been part of industry groups that aim to improve email security standards, demonstrating its endorsement of DMARC as part of the future of secure communication.
![Iranian Cyber Threats, October Patch Updates, China Infiltrates Wiretap – Cybersecurity News [October 07, 2024]](https://www.duocircle.com/wp-content/uploads/2024/10/spf-validator-2.jpg)
![Storm-0501 Threat Identified, HTML Smuggling DCRat, CISA Releases Toolkit – Cybersecurity News [September 30, 2024]](https://www.duocircle.com/wp-content/uploads/2024/10/dmarc-report-2.jpg)
