BreakSPF is a newly identified attack framework that exploits misconfigurations in the Sender Policy Framework (SPF) a widely used email authentication protocol. A common misconfiguration involves overly permissive IP ranges, where SPF records allow large blocks of IP addresses to send emails on behalf of a domain. These ranges often include shared infrastructures like cloud…Continue Reading: BreakSPF: How to mitigate the attack
Phishing
Boosting email security amid recent Coinbase phishing attempts
In recent weeks, there have been reports of sophisticated phishing attacks disguised as official communication from the cryptocurrency platform, Coinbase. These phishing emails closely mimic Coinbase’s branding and language to build recipient trust and prompt clicks on malicious links. The subject lines of these emails generally follow a format: the sender’s address starts with either…Continue Reading: Boosting email security amid recent Coinbase phishing attempts
Strengthening U.S. political campaigns against cyber threats: The urgent need for DMARC implementation
Securing political campaigns from cyber threats has never been more urgent. It is critical to secure communications that handle sensitive exchanges with voters, contributors, donations and coordinate complex operations. Campaigns make exceptionally rich targets for cyber espionage and exploitation, with our open-source research, demonstrating nearly 75% of US Senate campaign websites having not achieved Domain-based…Continue Reading: Strengthening U.S. political campaigns against cyber threats: The urgent need for DMARC implementation
Behind the Screens: North Korea’s Focus on DMARC in Email Espionage
If you missed our recent virtual fireside chat “Behind the Screens: North Korea’s Focus on DMARC in Email Espionage,” or couldn’t attend due to geographical restrictions, we’ve got you covered. Joined by cybersecurity experts from the Federal Bureau of Investigation (FBI) and Stanford University, together with Red Sift, the session explored how the North Korean…Continue Reading: Behind the Screens: North Korea’s Focus on DMARC in Email Espionage
How to Protect Against Identity-Based Attacks?
As the digital world becomes more reliant on identity-based authorization for users, applications, and devices, it opens up the scope for identity-based attacks. This primarily targets the vulnerabilities in identity systems, aiming to exploit or manipulate them for malicious purposes. …Continue Reading: How to Protect Against Identity-Based Attacks?
The 8 biggest cyber threats faced by enterprises today and how to prevent them
As of 2022, the global average cost per data breach amounted to 4.35 million USD. Irrespective of the size and industry, all types of IT-driven enterprises are prone to impersonation-based cyber attacks like BEC (Business Email Compromise), whale phishing, DNS spoofing, social engineering, etc. …Continue Reading: The 8 biggest cyber threats faced by enterprises today and how to prevent them