Email remains one of the most vital communication tools for both businesses and individuals, but when outgoing messages fail to send, productivity and reliability take a hit. At the heart of email delivery lies the Simple Mail Transfer Protocol (SMTP) server, which is responsible for relaying messages from your email client to the recipient’s inbox. However, misconfigurations, connectivity problems, or security restrictions can cause SMTP servers to malfunction, leaving users frustrated with undelivered or bounced emails.
Cybersecurity incidents this week include Google completing notifications for a Salesforce breach linked to ShinyHunters, and the discovery of Charon ransomware targeting the Middle East public and aviation sectors with APT-style tactics. Researchers exposed new 2TETRA:2BURST flaws in critical TETRA radio systems, while a WinRAR zero-day was exploited by Paper Werewolf and RomCom groups. The GreedyBear campaign stole over $1 million via malicious browser extensions, alongside an Ethereum trading bot scam using AI-generated YouTube videos to drain wallets of nearly $900,000. Let’s look at each story in brief!
In today’s digital landscape, email security is more critical than ever. Cybercriminals frequently exploit email systems through spoofing and phishing, making it essential for organizations to adopt robust authentication methods. DomainKeys Identified Mail (DKIM) is one of the core email authentication protocols that helps verify a sender’s identity and ensures that messages are not altered in transit. Implementing DKIM involves publishing a TXT record in your domain’s DNS, which serves as a digital signature for outgoing emails.
How do third-party marketing agencies send emails on behalf of clients while staying
by DuoCircle
It is a common practice for businesses to delegate marketing tasks to third-party agencies. Working with these marketing agencies brings in added benefits such as specialisation in particular niches and cost-effectiveness. These agencies need to take extra care to ensure their emails don’t end up in the spam folder or get rejected.
DMARC policy transition strategies for global banks: Moving to quarantine and reject safely
by DuoCircle
DMARC has now become non-negotiable for every organization that sends bulk emails on a daily basis. It is even more critical for banks, where the stakes are so high that it’s not merely about money, but also about their customers’ sensitive data, regulatory compliance, and the integrity of their brand.
Recent cybersecurity incidents underscore growing threats across healthcare, cloud services, and mobile platforms. A ransomware attack compromised over 113,500 patient records at a cancer centre; meanwhile, critical flaws in AI servers and enterprise security systems exposed risks of credential stealing and remote code execution. In addition, fake VPN apps on official stores tricked users into fraudulent subscriptions, and a cloud container vulnerability allowed malicious actors to avoid isolation controls. These cases point to the need for prompt patching, stricter access controls, and user vigilance.
Sometimes your email just doesn’t reach its recipient. You’ve done everything right: crafted the perfect message, sent it to the correct address, and even authenticated your domain with email authentication protocols. Yet, it gets flagged or doesn’t even land in the receiver’s mailbox.
SPF macros are best described as placeholders used within SPF records. They are intended to make the SPF record more flexible and intelligent. This way, you don’t have to hardcode every detail; you can use macros like %{i}, %{d}, and %{h} to allow SPF records to adapt during a live email authentication check.
Using the DMARC reject policy for non-email-sending domains: A guide
by DuoCircle
You might think that only your active domain (the one that you use to send emails) is vulnerable to spoofing and phishing attacks. But the truth is, attackers have more than one way to intercept your systems, and often they are the ones you least expect. That’s the reality of email-based attacks; they not only exploit your primary, active domain, but also make backdoor entries through non-email-sending domains and parked domains. Cybercriminals go after parked domains, instead of active ones, because the former are often overlooked. It is easy to think that attackers will not pay heed to the inactive ones, but they know that these dormant domains are low-hanging fruit.
From arrests slowing down major hacker groups to new threats quickly taking their place, this week has been full of movement in the cybersecurity space. Threat actors are shifting tactics, launching new ransomware groups, targeting telecoms, and using fake mobile apps to steal and extort. Even major airlines and telecom giants like Aeroflot and Orange haven’t been spared. Here’s a roundup of the key cyber incidents and developments of the week.