Learning to avoid breaking up the Google Workspace DKIM setup
by DuoCircle
Enabling DKIM on Google Workspace is a two-step process but most people stop after completing the first one only. If that’s what you have also done, then please know that in such scenarios, DKIM and DMARC will function normally, and there won’t be any impact on email delivery, failing to complete the second step will compromise your email security. However, DKIM will fail to authenticate emails using your custom domain, causing communication problems at multiple levels.
We’re back to provide you with the latest cybersecurity news of the week, designed to keep you informed and secure against evolving threats. This week, we delve into Microsoft’s identification of Storm-0501 as a critical player in hybrid cloud ransomware attacks, a new HTML smuggling campaign distributing DCRat malware to Russian-speaking users, CISA’s release of a new toolkit for K-12 schools to address anonymous threats, a recently patched but less severe vulnerability in CUPS, and NIST’s revisions to identity and password guidelines. Furthermore, let us now go through the details of each story.
A guide to detecting DMARC problems using the pentesting techniques
by DuoCircle
While DMARC has proven its ability to keep spoofing and phishing attacks at a distance, DMARC records can have errors and misconfigurations. So, if you are seeing multiple instances of false positives, false negatives, delivery issues, etc., then it’s suggested that you check your DMARC record to see if it has issues. This can be done by running your DMARC TXT record through an online lookup tool. You can also come across errors and misconfigurations using penetration testing.
DMARC is based on three policies: none, quarantine, and reject. As a domain owner, you have the choice to apply one of these three policies for illegitimate emails sent from your domain. However, sometimes, receiving servers don’t respect the policy you applied; they adjust the policy according to what seems to be better for the emails sent from your domain.
Microsoft’s recent updates empower domain owners to combat modern phishing attacks using DMARC
by Duocircle
Microsoft has always encouraged domain owners to deploy DMARC to improve email deliverability and prevent spoofing. It has also been part of industry groups that aim to improve email security standards, demonstrating its endorsement of DMARC as part of the future of secure communication.
We’re back with the latest cybersecurity updates to inform you about recent threats and help you stay protected. This week, we’ll dive into how hackers are exploiting Versa Director through a critical vulnerability, the supply chain attack linked to Hezbollah device explosions, a zero-click vulnerability in MediaTek Wi-Fi chipsets, Transport for London’s (TfL) data breach affecting 5,000 customers, and the latest campaign by the North Korean-linked group Gleaming Pisces using poisoned Python packages to deliver backdoors. Let’s explore the news descriptions provided below!
Deciphering DMARC reports is complex as it requires understanding the XML structure and key components within the report. You have to analyze the IP address and understand the failures. Here’s a step-by-step guide on how you can go about it.
Understanding the process and importance of hashing in DKIM
by Duocircle
DKIM was created in 2005 to help recipients determine if someone has tampered with the email content in transit. The protocol is broadly based on the concept of cryptography, which ensures the authenticity and integrity of an email message by using a public key to sign the outgoing emails for your domain. In DKIM, hashing is an important step in creating a secure signature for email integrity and authentication. Let’s see how hashing works.
Lately, DMARC adoption has been reflecting an upward trend, underscoring the increasing awareness about email security, especially after Google and Yahoo’s announcements. Roughly 20 million domains are already using DMARC, although many users are still stuck at the p=none policy, which is like moving two steps forward and one step back.
Did you know how cyberspace unfolded this week? Here we are to inform you about this week’s most talked-about news and updates, curated and designed for you. We have covered topics around cybersecurity attacks, advisories, and other security-related updates. Some of these topics are related to leveraging cloud solutions in creating and maintaining access control, the FOCAL plan of CISA to safeguard an organization’s security posture, Chrome users being targeted to reveal account credentials, CISA’s addition of two new CVEs to the list, Fake and fraudulent live streaming websites exposed, and many more.
![Storm-0501 Threat Identified, HTML Smuggling DCRat, CISA Releases Toolkit – Cybersecurity News [September 30, 2024]](https://www.duocircle.com/wp-content/uploads/2024/10/dmarc-report-2.jpg)
![Versa Networks Flaw, Hezbollah Supply Chain, MediaTek Wi-Fi Vulnerability – Cybersecurity News [September 23, 2024]](https://www.duocircle.com/wp-content/uploads/2024/09/spf-validator-8.jpg)
![Operational Cybersecurity Alignment, Chrome Credential Threats, CISA CVEs Update – Cybersecurity News [September 16, 2024]](https://www.duocircle.com/wp-content/uploads/2024/09/spf-permerror-7.jpg)