‘Quid pro quo’ is the Latin term that literally means ‘this for that,’ meaning a mutual exchange. Although the term itself doesn’t indicate an illegal act, threat actors leverage this social engineering tactic to offer something valuable or helpful in exchange for information or access to a system.
![Windows Update Exploit, Interpol Recovers $40M, Chrome Direct Payments – Cybersecurity News [August 05, 2024]](https://www.duocircle.com/wp-content/uploads/2024/08/dkim-record-check.jpg)
From the latest Windows update downgrade attack to the recovery of $40 million by Interpol, Google’s new website payment feature, the hack on the classroom management platform, and the US suing TikTok for violating child privacy laws, our weekly cybersecurity bulletin will share the top news that’s making headlines around the world.
Digital Operational Resilience Act (DORA) is a regulation by the European Union that came into force on January 17, 2023. It makes the financial institutions and entities within the finance sector more resilient towards fraud. It strengthens banks, insurance companies, investment firms, and other financial service providers to get back on their feet after major losses and disruptions.
Secure Email Gateways (SEGs) are like your email infrastructure’s personal security guards. They ensure only safe and legitimate emails go out from your company, keeping it protected from email-based attacks. The overall practice of deploying SEGs prevents the distribution of malware and phishing attempts through emails, instills trust in your clients and prospects, helps you stay compliant with industry standards, and, most importantly, wards off litigations and financial damages. (more…)
When it comes to ensuring the success of your email campaigns, something that is just as important as the content of the email is the trust it inspires in your recipients. The way the receivers and their mail servers perceive your emails tells a lot about your brand’s identity and credibility.
![TryCloudflare Malware Spread, FBI Scam Alert, Azure Outage Triggered-Cybersecurity News [July 29, 2024]](https://www.duocircle.com/wp-content/uploads/2024/08/spf-record-tester.jpg)
This week’s latest scoop in cybersecurity will take you to the TryCloudflare exploitation for deploying RATs, the new FBI warning about scammers impersonating crypto exchanges, the MS Azure outage details, new features on Google Chrome against infostealers, and the security gap in Whatsapp for Windows that allows threat actors to run malicious scripts without alerts. Stay tuned to learn more about these and how to stay safe!
A cyber-espionage group backed by North Korea has been sneaking into the vital intellectual property and technical information of the US. The group is a part of North Korea’s foreign intelligence service. From aerospace to defense, engineering companies to nuclear science, the group has been prying into critical infrastructures. (more…)
By now, you might have heard a lot about how DMARC reports are crucial for your organization to gain insights into your email traffic and learn how your authentication protocols are waging against phishing and spoofing attempts. They reveal the harsh truth, that is, not all emails claiming to be from your domain are legitimate. While you’re decoding DMARC reports, have you ever looked into the sources of these emails?
Email authentication isn’t simply about verifying senders; it’s about protecting your organization from phishing, spoofing, and other email-based attacks and, most importantly, ensuring that your email campaigns reach their intended recipients. An email authentication protocol that ticks all of these boxes is DMARC, or Domain-based Message Authentication, Reporting, and Conformance.
![Chrome Warns Users, KnowBe4 Hires Hacker, Greece’s Registry Attacked – Cybersecurity News [July 22, 2024]](https://www.duocircle.com/wp-content/uploads/2024/07/email-migration-service.jpg)
This week’s cybersecurity updates include the latest Google Chrome malicious file alerts, the story of KnowBe4 hiring a North Korean Hacker, the 400 cyberattacks on the Greece Land Registry, US Sanctions on Russian Hackers targeting critical infrastructure, and threat actors taking advantage of fake CrowdStrike updates. Stay tuned!