Cyberattacks and data breaches continue to hit hard this week! A scam targeting U.S. residents through fake DMV messages is harvesting sensitive data. At the same time, separate breaches have exposed insurance documents at Scania, journalist accounts at The Washington Post, and over a million records from Cock.li’s email service is included. WestJet Airlines is also facing internal disruptions due to a cyberattack. Here’s a quick breakdown of the most important incidents and how to stay safe.
The common ‘DMARC policy not enabled’ error pops up during a reverse DNS lookup, indicating that no valid policy is defined in your domain’s DMARC record. Without a DMARC policy, a DMARC record is of no use— it provides no protection from phishing and spoofing emails sent from your domain.
Crafting a follow-up email that gets results is an art form.
It’s about striking the right balance between being helpful and direct. You want to remind your recipient of your value without being too pushy and encourage them to act. Let’s take a look at some key details you should include in your email follow-ups.
Tackling common SPF errors: A cheatsheet for safer email authentication
by DuoCircle
SPF, or Sender Policy Framework, is the foundational authentication protocol that tells receiving servers which sources are allowed to send emails on behalf of your domain. Now, if something goes wrong with your SPF setup, it may not only have a direct impact on your email deliverability and security, but also have a ripple effect across other authentication checks, such as DKIM and DMARC. Emails may land in spam, get rejected outright, or leave your domain vulnerable to spoofing attacks—all because of a misconfigured SPF protocol.
This week’s cybersecurity round-up covers serious threats hitting various sectors, including transportation, healthcare, and retail. Key cybersecurity incidents include a massive data breach in a governmental department, a ransomware attack crippling life-threatening healthcare operations, and a sneaky job scam targeting recruiters. Major giants from the business world have also confirmed cyberattacks that impacted employees and disrupted critical business workloads. Read on for full details, known risks, and what’s being done in response, strengthening the defence mechanisms.
Affiliate email marketing is one of the most stable income channels for affiliates – open rates reach 50% and even more in some industries – but there are still quite a few obstacles to overcome, from spam filters to phishing attacks to fake sign-ups. As an advertiser, you’d like to nullify or at least mitigate all those risks, so you can get purchase-prone leads that match your demographics.
How SPF, DKIM, and DMARC quietly protect every email you send?
by DuoCircle
Every email sent from your domain needs to be from a clean, legitimate sender. Even a single communication attempt by a threat actor impersonating your brand can lead to phishing, spoofing, business email compromise (BEC), and ransomware attacks. This is exactly where SPF, DKIM, and DMARC step in every time an email is sent from your domain.
You might be under the impression that the three major email authentication protocols are mutually exclusive. Well, this might be the most common misunderstanding and is particularly true for SPF (Sender Policy Framework).
We are discontinuing Mail Hosting Services and ContinuityEmail effective September 30, 2025. After nearly 20 years of providing email hosting, we’re ending these services to focus on areas where we can better serve modern business needs: email authentication, DMARC implementation, and deliverability solutions. Customers have four months to transition to providers like Google Workspace, Microsoft 365, or other platforms that offer the integrated business tools today’s companies require.
When Mail Hosting Services was launched in June 2005, the digital landscape looked vastly different. Social media was in its infancy, smartphones were still called “PDAs,” and email was the undisputed king of digital communication. Twenty years later, as we announce the end-of-life for our email hosting services, we can’t help but reflect on the incredible journey email has taken—and the rumors of its demise that never quite materialized.
As a business owner, you probably send emails almost every day, whether they are marketing emails, order confirmations, important instructions, or even internal updates. These emails are essentially an extension of your brand’s identity, and we’re sure that the last thing you want is to taint it or for someone to mess with it.
WebRTC powers your everyday video calls, chats, and real-time data sharing. By eliminating the need for central servers, it reduces response times for communication. However, these direct connections can expose your actual IP address, even if you use a VPN or proxy. WebRTC leaks can reveal your identity and location, undermining your privacy and security online.
From hidden backdoors on GitHub to fake Fastlane plugins hijacking social media bots, this week’s cyber updates spotlight how trust in familiar tools is being silently exploited. Major brands like The North Face and Cartier are also dealing with breaches, and U.S. agencies face urgent patch deadlines due to active vulnerabilities. Let’s take a closer look!
Why transactional emails should always be DKIM-signed
by DuoCircle
Not every email that you send is important, but transactional emails— the ones that confirm your payments, send shipping updates, or reset your password—are especially critical. That’s not just because they carry important information, but also because your users need to act on it quickly.
When it comes to managing your email communication, ensuring that your messages land in the right inbox can feel a lot like navigating a minefield. One misstep, and your carefully crafted emails could end up getting sidestepped—or worse, flagged as spam! A core part of this journey involves understanding and configuring SPF records, which serve as gatekeepers for your domain’s email integrity.
FIDO2: A guide to securing your accounts beyond passwords
by DuoCircle
We’ve all been there— forgotten passwords, set ones that were too simple to be hacked, or used the same passwords across all accounts. But ideally, your priority should be security, not convenience.
We’re back with the week’s cybersecurity round-up of a mix of high-stakes breaches, targeted malware campaigns, and growing concerns around supply chain vulnerabilities. Each of these incidents highlights different tactics attackers are using to exploit trust, access, and visibility. Read on for all the details.
Email is a cornerstone of communication, but imagine sending a message that never arrives or worse, ends up in someone’s spam folder. Frustrating, right? That’s where SPF records come into play. They help email servers decide whether the emails they receive are from someone who’s actually allowed to send them. You might think creating an SPF record sounds complicated, but it’s simpler than you might expect. It’s all about making sure the right people can send messages on your behalf while keeping the unwanted ones at bay. This guide will walk you through setting up your own SPF record step by step, ensuring your emails get where they need to go—without any hiccups along the way!
DKIM replay attacks: Why not all emails should be signed
by DuoCircle
Attackers often outsmart the cybersecurity custodians, and a DKIM replay attack is one such technique exploited by them to sign, seal, and send fraudulent emails using a valid DKIM signature.
Understanding SPF Records for Email Security Have you ever wondered why some of your emails vanish into spam folders while others land right in the inbox? The secret often lies in something called the SPF record. Think of it as a digital passport for your emails, showing the world which servers are allowed to send messages for your domain. Properly managing this little-known aspect can save you from headaches and ensure that your emails are delivered with confidence.
This week in cybersecurity–a student admits to a massive school data hack, a major mobile network outage turns out to be a cyberattack, and hackers are actively spying on global aid operations. We also look into a DNS hijacking campaign affecting top organizations, and a trusted VMware tool gets caught in a malware-laced supply chain attack. Here’s a quick look at what’s been happening.
![DMV Impersonation Scam, Scania Insurance Breach, Cock.li Records Exposed – Cybersecurity News [June 16, 2025]](https://www.duocircle.com/wp-content/uploads/2025/06/spf-record-7896.jpg)
![DOT Account Breach, Kettering Ransomware Attack, Recruiter Systems Compromised – Cybersecurity News [June 09, 2025]](https://www.duocircle.com/wp-content/uploads/2025/06/spf-record-check-9075.jpg)
![GitHub Backdoor Threat, Cartier Data Breach, Fake RubyGems Steal – Cybersecurity News [June 02, 2025]](https://www.duocircle.com/wp-content/uploads/2025/06/email-smtp-service-0905.jpg)
![Cetus Protocol Breach, DragonForce Supply Attack, MATLAB Ransomware Disruption – Cybersecurity News [May 26, 2025]](https://www.duocircle.com/wp-content/uploads/2025/06/windows-smtp-service-8906.jpg)
![PowerSchool Data Extortion, Cellcom Cyberattack Confirmed, Hackers Exploit Gaps – Cybersecurity News [May 19, 2025]](https://www.duocircle.com/wp-content/uploads/2025/05/spf-record-tester-0945.jpg)