Security News

DMARC: The First Line of Defense Against Ransomware
2021-06-28 02:47

Wouldn't it be nice if you could prevent a ransomware attack from occurring in the first place? DMARC can make this seemingly impossible claim a possibility for domain owners! DMARC is also known as the first line of defense against Ransomware.

Only 14% of domains worldwide truly protected from spoofing with DMARC enforcement
2021-03-23 05:00

While the DMARC enforcement rate increases, 3 billion messages per day are still spoofing the sender's identity, Valimail reveals. DMARC protected domains: Key findings Three billion messages per day are spoofing the sender identity used in their "From" fields.

How DMARC Can Stop Criminals Sending Fake Emails on Behalf of Your Domain
2020-12-07 02:47

DMARC enforces the use of a combination ofSPF andDKIM email authentication technologies to ensure only real emails are delivered to the end receivers. Without DMARC, all emails sent from the email domain of your business reaches the receiver's inbox without any security check or validation.

Airline DMARC Policies Lag, Opening Flyers to Email Fraud
2020-08-19 13:04

More than half of global airlines do not have DMARC policies in place, opening their customers up to email fraud attacks, a new report found. "Overall, major global carriers are failing to implement adequate email protection - leaving themselves open to phishing, impersonation attacks and other unauthorized use of corporate domains. This is despite email remaining the number one threat vector for cybercriminals," according to Adenike Cosgrove with Proofpoint in a Tuesday report.

Week in review: PoC for wormable SharePoint RCE released, how to select a DMARC solution
2020-07-26 08:00

Details and PoC for critical SharePoint RCE flaw releasedA "Wormable" remote code execution flaw in the Windows DNS Server service temporarily overshadowed all the other flaws patched by Microsoft on July 2020 Patch Tuesday, but CVE-2020-1147, a RCE affecting Microsoft SharePoint, was also singled out as critical and requiring a speedy fix. Microsoft releases new encryption, data security enterprise toolsMicrosoft has released several new enterprise security offerings to help companies meet the challenges of remote work.

How do I select a DMARC solution for my business?
2020-07-22 05:00

To select a suitable DMARC solution for your business, you need to think about a variety of factors. API Integration with the DMARC solution will allow you to tailor the solution into your enterprise reporting & analysis tools.

DMARC Adoption Spikes, Higher Ed Remains Behind
2020-07-14 14:46

Adoption of the email security protocol DMARC has continued to tick upwards, with the number of domains deploying DMARC records surpassing 1 million in the last two years - a 2.5 times greater total than in 2018. According to Tessian, out of the 60 percent of universities that do have DMARC in place, the DMARC policies have not been set up to quarantine or outright reject any emails from unauthorized senders using its domains.

BofA Phish Gets Around DMARC, Other Email Protections
2020-06-18 13:00

A credential-phishing attempt that relies on impersonating Bank of America has emerged in the U.S. this month, with emails that get around secure gateway protections and heavy-hitting protections like DMARC. The campaign involves emails that ask recipients to update their email addresses, warning users that their accounts could be recycled if this isn't done. "This ensured that the email wasn't caught in the bulk email filters provided by native Microsoft email security or the Secure Email Gateway."

Tax Phishing Campaign Reminds of DMARC Limitations
2020-04-21 18:01

April is a time for tax-related phishing scams, and we haven't been let down this year despite the dominance of COVID-19-themed phishing campaigns. Security firm Abnormal Security discovered a phishing email giving a single day for the recipient to respond and claim an outstanding tax rebate from HMRC for '550.11 GBP'. The email contains an obfuscated link to a webpage masquerading as a Gov.uk page.

Nearly 1 Million Domains Use DMARC, but Only 13% Prevent Email Spoofing
2020-03-05 19:10

Nearly one million domains use DMARC, but only 13% of them are configured to actually prevent email spoofing, according to a report published this week by anti-phishing solutions provider Valimail. DMARC is an email authentication, policy, and reporting protocol designed to detect and prevent email spoofing.