OTP Theft Guilty, Social Media Exploits, APT29 Targets Mobile – Cybersecurity News [September 02, 2024]
by Duocircle
We’re back to provide you with the latest cybersecurity news of the week, designed to keep you informed and secure against evolving threats. This week, we highlight the final verdict of an OTP theft case relating to 1-Time Passcode, a loophole in the financial system aided via social media platforms, Android and iOS users attacked by Russian hackers, a more personalized approach towards social engineering techniques, the role of CISOs in curating business strategies and finally the concerns associated with encryption policies amidst Telegram founder’s indictment.
Troubleshoot DMARC problems for Google Workspace domains
by Duocircle
Google Workspace encourages domain owners to use the three email authentication protocols, SPF, DKIM, and DMARC, to ensure outgoing emails are properly authenticated. This reduces the security gaps; otherwise, threat actors can exploit them to send phishing and spoofing emails from your domains. Moreover, from February 2024, Google has mandated DMARC deployment for regular and bulk email senders, urging domain owners or administrators to create a DMARC record in their DNS settings and specifying policies to handle emails that fail SPF and/or DKIM checks.
How do you receive DMARC reports on external email addresses?
by Duocircle
While most domain owners prefer receiving DMARC aggregate and forensic reports on internal email addresses, some want to have them in external inboxes. Internal email addresses refer to those belonging to the same domain for which the DMARC record is created. For example, if your organization’s domain is example.com, then an internal domain email address would be something like employee@example.com. On the other hand, external email addresses are the ones not belonging to that domain. For example, department@otherdomain.com.
What are the different phases of DMARC deployment?
by Duocircle
With sophisticated cyberattacks looming over your email landscape, you need to employ the latest techniques that not only protect your communications but also enhance the security posture, and DMARCfits the bill! Domain-based Message Authentication, Reporting, and Conformance (DMARC) is an email authentication protocol that helps you do just that! It protects your domains against spoofing, phishing, and other email-based frauds.
We’re back with the latest cybersecurity scoop of the week that will keep you privy to the latest attacks and help you stay safe. This week, we’ll take a look at how hackers are leveraging the WPS office to spread malware, the withdrawal of Notion from Russia, how Uber was fined $325 million for illegal data transfers, the Tickler malware attacking US government systems, and the FBI’s report on RansomHub ransomware’s 210 victims and the tactics used. Let’s take a look!
VM-expert landed up in jail for planning cyber extortion in New Jersey!
by Duocircle
A New Jersey-based core infrastructure engineer at a US industrial firm got arrested as he locked out Windows admins from 254 servers. He was trying to target his employer and, in the process, landed up in prison. Daniel was a specialist in hosting virtual machines or VMs.
You might have heard that you do not necessarily need all three email authentication protocols— SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance) to create a foolproof defence strategy for your email ecosystem. But here’s a truth that these custodians of security do not tell you: achieving a 100% foolproof email security strategy is very challenging, if not impossible, and you need a multi-layered approach that covers all the bases and helps you stay ahead of these attacks.
Here’s a question for you: how much security is too much security for your emails? Before you try to answer this question, we would like to remind you that email security threats like phishing, spam, ransomware, malware, and spoofing are not only becoming more frequent but also more grave. The kind of impact these attacks have on the target is often devastating, including financial loss, data breach, and legal consequences. With these threats looming over your email ecosystem, you need a mechanism that is robust and hardy.
Emails were and still are a crucial tool for business communication and marketing.
A report by Statista revealed that in 2023, about 347 billion emails were sent and received globally daily. That figure is projected to increase to about 392 billion daily emails by 2026.
Public Data Breach, Ransomware Disables Security, Hacker Fakes Death –Cybersecurity News [August 19, 2024]
by Duocircle
We’re back with the latest cybersecurity scoop of the week where we’ll take a look at the data breach that occurred at National Public Data, the new malware that disables security software, how a man was sentenced for hacking into the stage registry to fake his death, the $14 million holograph crypto hackers’ arrest, and the charges against Karakurt extortion gang’s member. Stay tuned for more!
![OTP Theft Guilty, Social Media Exploits, APT29 Targets Mobile – Cybersecurity News [September 02, 2024]](https://www.duocircle.com/wp-content/uploads/2024/09/spf-permerror-1.jpg)
![WPS Office Exploit, Notion Exits Russia, Uber’s $325M Fine – Cybersecurity News [August 26, 2024]](https://www.duocircle.com/wp-content/uploads/2024/09/spf-validator.jpg)
![Public Data Breach, Ransomware Disables Security, Hacker Fakes Death – Cybersecurity News [August 19, 2024]](https://www.duocircle.com/wp-content/uploads/2024/08/smtp-email-7954.jpg)