From arrests slowing down major hacker groups to new threats quickly taking their place, this week has been full of movement in the cybersecurity space. Threat actors are shifting tactics, launching new ransomware groups, targeting telecoms, and using fake mobile apps to steal and extort. Even major airlines and telecom giants like Aeroflot and Orange haven’t been spared. Here’s a roundup of the key cyber incidents and developments of the week.
In an age where our inboxes are overflowing with messages, ensuring that the emails you send actually reach their intended recipients can feel like a daunting task. Have you ever wondered why some of your important emails end up lost in the void of the spam folder or, worse, get rejected outright? This is often due to a little-known defense mechanism called the Sender Policy Framework (SPF).
What is a DMARC analyzer tool, and how to use it in the best way?
by DuoCircle
If you are planning to secure your business email communications by deploying email authentication policies such as SPF, DKIM, and DMARC, know that this is just the tip of the iceberg. In order to ensure fool-proof security for your email landscape, you must use a DMARC analyzer tool. With its help, you get to evaluate DMARC reports closely, thereby bolstering the email system.
In a world where email communication is essential for businesses, it’s alarming how many organizations overlook the basics of email security. Have you ever received an email from a seemingly trustworthy source, only to later discover it was a clever spoof? This common issue highlights the importance of establishing a solid foundation for your email systems.
The 32KB limit in DMARC reports: What it means and why it matters
by DuoCircle
Has it ever happened to you that you sent around 500,000 emails a day but only received DMARC reports for half of them? That too, without any alerts or warnings?
In today’s tech-driven world, the threat of zero-day attacks looms larger than ever. These types of cyber threats catch many organizations off guard, often exploiting vulnerabilities before anyone knows they exist. Imagine a thief sneaking into your home through a door you didn’t even know was unlocked—that’s the reality for many businesses facing these hidden dangers.
From malware sneaking in through fake game cheats to ransomware hitting hospitals, this week’s cyber stories are anything but quiet. Lumma’s back in action, Coyote’s abusing Windows in clever ways, and even Dior couldn’t dodge a data breach. If you use the internet (and who doesn’t?), here’s what you should be paying attention to.
How to fix the “DMARC policy not enabled” error- Everything you need to know!
by DuoCircle
If you have stumbled upon this blog, then it is highly likely that you are dealing with the issue of the “DMARC policy not enabled” error. You get this message when your domain has a DMARC record, but there is no valid policy to define it. A DMARC record makes no sense without a DMARC policy. It’s like having a front desk guard in your building who smiles and nods, even when strangers walk in. Hence, the moment this message appears, you must understand that your email system is no longer protected against phishing and spoofing attacks.
In a world where emails are the primary means of communication, the risk of phishing attacks lurks just one click away. Whether it’s a seemingly innocuous message from a “trusted” source or a polished-looking request for sensitive information, these scams can catch anyone off guard. The reality is that identifying these threats isn’t just about having the latest technology; it also relies heavily on being informed and proactive.
How are Gmail and Outlook policies raising the bar for DMARC adoption?
by DuoCircle
There was a time when email security was a mere IT concern; it was a good-to-have but wasn’t really a priority. We are referring to a time when email-based threats were not as prevalent or dangerous as they are today. It might sound like we are talking about a distant past here, but that’s the reality. You can no longer put email security on the back burner, thinking that your emails will protect themselves or that cybercriminals will never reach you.
When you check your email, how often do you stop to think about the risks lurking behind seemingly innocent messages? Spear phishing attacks—targeted attempts designed to trick individuals into revealing sensitive information—are becoming more common and far more sophisticated. As cybercriminals zero in on their targets with personalized tactics, it’s essential for everyone, especially employees, to recognize these threats before they strike.
Attackers are getting creative again, using copy-paste tricks to drop malware, hiding Android threats inside broken app files, and setting up entire fake startups to steal crypto. Developers are being targeted through tampered npm packages, while a newly exposed Wing FTP flaw is already under active abuse. With techniques evolving fast, staying patched and alert is more important than ever. Read on to stay a step ahead!
Cloudflare’s new SPF, DKIM, and DMARC requirements
by DuoCircle
Starting July 3, 2025, Cloudflare requires all emails to be authenticated using at least one of the protocols. SPF or DKIM, to forward them. This requirement has been imposed in consideration of the growing number of email-based phishing and spoofing attacks. These email authentication protocols ensure that only authorized emails reach the inboxes of recipients, thereby preventing them from being manipulated into transferring money or sharing confidential information.
Email communication has become a vital part of our daily lives, especially for businesses. But did you know that a simple yet crucial security feature can help protect your emails from being tampered with or falsely represented? That’s where DKIM (DomainKeys Identified Mail) comes in. This method adds a digital signature to your email, giving both you and your recipients peace of mind that messages are authentic and safe.
How to avoid email authentication failures when sending messages to Microsoft 365 users?
by DuoCircle
If you are struggling with disappearing emails or deliverability drops when targeting Microsoft 365 users, then it’s an indication of an underlying issue— misconfigured or missing email authentication protocols.
Email has become a central tool for communication, but with its convenience comes the risk of impersonation and spam. Many people don’t realize that proper email setup is crucial to keep their messages safe and trusted. One of the best ways to protect your domain from being misused is through an SPF record. Think of it as a security badge that tells other mail servers which addresses are allowed to send emails on your behalf.
This week’s cyber world feels like a game of digital whack-a-mole, where every time defenders squash one threat, another pops up somewhere else. There are hackers sneaking malware into trusted tools, trojans hiding in mobile apps, and cybercriminals hijacking search results and online ads. From leaked security software fueling new attacks to crafty scams riding the wave of AI buzz, cybercriminals are proving they’ll exploit anything. Here’s how they’ve been keeping security teams on their toes!
How to pass Microsoft’s email authentication requirements?
by DuoCircle
If your company’s mailboxes are in Exchange Online, Microsoft requires you to take email protection seriously. You are liable for protecting the integrity of email messages from senders in your domain. Your recipients should be confident enough to open emails from your domain, knowing you have already taken the measures to ward off phishing and spoofing attempts.
DMARC is now mandatory in New Zealand: Here’s what the NZ government expects
by DuoCircle
Most countries have already made DMARC enforcement mandatory, especially for government agencies (after all, that’s where the real threats lie). But New Zealand wasn’t on this list until now!
This week’s cybersecurity round-up brings you stories you need to know, from fake crypto wallets lurking in Firefox to major breaches hitting airlines, global courts, and healthcare groups. We’ll see how threat actors are shifting from traditional tactics and which new threats are on the radar.
Stay digitally safe and well-informed about your personal information security!
![Scattered Spider Imitators, New RaaS Emerges, Fake Apps Threaten – Cybersecurity News [July 28, 2025]](https://www.duocircle.com/wp-content/uploads/2025/08/sender-policy-framework-7840.jpg)
![Lumma Infostealer Returns, Coyote Malware Exploits, Interlock Ransomware Alert – Cybersecurity News [July 21, 2025]](https://www.duocircle.com/wp-content/uploads/2025/07/spf-record-generator-3672.jpg)
![FileFix Ransomware Threat, Konfety Malware Evasion, Crypto Users Targeted – Cybersecurity News [July 14, 2025]](https://www.duocircle.com/wp-content/uploads/2025/07/spf-record-tester-2341.jpg)
![Hackers Exploit Shellter, Anatsa Trojan Spreads, Pull Request Breach – Cybersecurity News [July 07, 2025]](https://www.duocircle.com/wp-content/uploads/2025/07/spf-record-check-8960.jpg)
![Fake Wallet Extensions, Qantas Hack Revealed, ICC Cyberattack Unveiled– Cybersecurity News [June 30, 2025]](https://www.duocircle.com/wp-content/uploads/2025/07/check-dmarc-record-3656.jpg)