Security News

Paired with the required DMARC enforcement, VMCs are a critical step in a series of security measures that help strengthen email security, build trust in the inbox and help users associate the brand logo with the company they expect to communicate with. "With BIMI and VMC from DigiCert for DMARC-verified domains, organizations can now demonstrate to their customers a higher level of email security. DigiCert VMCs not only help reduce instances of spam and spoofing customers receive, because of the DMARC requirement, but they also enable organizations to go beyond displaying default email addresses to increase engagement rates and display their brands more prominently."

Entrust announced an expanded partnership with Red Sift to simplify and streamline the adoption of strong email sender authentication based on Brand Indicators for Message Identification standards. As email has become more critical than ever for organizations to connect and communicate with their customers, the ecosystem is looking to BIMI as an opportunity to increase the wide adoption of email authentication while simultaneously providing senders with a way to provide their customers a more immersive experience.

Valimail announces general availability of Amplify, giving clients the ability to display their logo alongside authenticated email messages. The company's founding and involvement in the Brand Indicators for Message Identification standard enables Gmail, AOL, Yahoo Mail, Fastmail and other mailbox providers to display logos next to an email message, indicating it has been authenticated.

This effective indicator that these types of email communication are coming from that specific legitimate source is made possible by Gmail's added support for the Brand Indicators for Message Identification standard. About BIMI. BIMI is an email specification that enables the use of brand-controlled logos within email clients.

IT management software maker Kaseya is still working on patching the vulnerabilities exploited in the recent ransomware attack, but some cybercriminals are sending out emails offering the patches in an effort to distribute their malware. An investigation revealed that the attackers exploited some zero-day vulnerabilities to deliver the REvil ransomware to the MSPs that use VSA, as well as the customers of those MSPs. Kaseya has determined that only on-premises VSA installations are impacted and it has been working on patches for the exploited vulnerabilities, but it has yet to release the fixes due to some issues uncovered at the last moment.

That fatigue makes it more likely users will click on a malicious email without knowing it - which explains why 94% of malware is now delivered via email. The fake unsubscribe spam email is a tactic used by criminals to refine their mailing lists and verify email addresses.

The UK's Information Commissioner's Office has opened an official inquiry into the misuse of private email accounts at the Department of Health and Social Care. The investigation comes amid mounting allegations that senior officials within the department - including former health secretary Matt Hancock who resigned recently over his inability to follow lockdown rules - used private emails to discuss sensitive government business.

A couple of months after Y's departure, X received an email from another colleague, whom we shall call Z. and Z received a "Bounce" message from a external email address Q that Z hadn't copied in on the original email. Smelling a rat, Z alerted Y to inform him about the mysterious "Q" in the email equation.

Armorblox announced a strategic technology partnership with Intermedia to protect customers from advanced email attacks that target potentially vulnerable users. Armorblox technology powers AI Guardian, included with Intermedia Email Protection, to detect and alert users to sophisticated email attacks that weaponize the context of communications to steal money and data.

Business Email Compromise attacks are skyrocketing as organizations rely on decades-old email protocols and standards, and bad actors perfect social engineering. The good news is that automated email certificates can help organizations avoid these attacks and protect their employees against spear phishing attacks.