The National Cybersecurity Center of Excellence (NCCoE) has invited comments on a draft practice guide to help organizations improve email security and defend against phishing, man-in-the-middle, and other types of email-based attacks. more
A new report from SecureWorks Counter Threat Unit has revealed a hacking group operating from the Russian Federation, implemented spearphishing techniques involving use of look-alike Google login pages to gain access to DNC emails and other data. more
"Massive Email Bombs Target .Gov Addresses," Brian Krebs writes in Krebs on Security: "Over the weekend, unknown assailants launched a massive cyber attack aimed at flooding targeted dot-gov (.gov) email inboxes with subscription requests to thousands of email lists." more
According to a recent report by Akamai, an analysis of massive Account Takeover (ATO) attack campaigns, targeting two of its customers, revealed 1,127,818 different IPs were involved in the attacks. more
Total number of Business Email Compromise (BEC) related crimes have reached epidemic levels, at nearly $3.1 billion in losses and involving 22,143 victims worldwide since January 2015, according to a new FBI report. more
Data solutions provider Return Path has released a new report highlighting 20 visionary ideas for brands to "futureproof" their email program. Among various insights, the report warns brands that adoption of IPv6 will result in rising dependency on domain-based reputation. more
The latest discovery came while researchers at a security firm found a young Russian hacker bragging in an online forum that he had collected and was ready to give away a far larger number of stolen credentials that ended up totalling 1.17 billion records, Reuters reports. more
The U.S. House of Representatives voted unanimously today to pass H.R. 699, the Email Privacy Act, closing a loophole that allowed law enforcement authorities to obtain old email and other digital communications without a warrant from the court. more
The Internet Infrastructure Coalition (i2Coalition) has joined the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) to continue efforts on developing best practices for hosting and cloud service companies as well as sharing other information that will protect end-users. more
Internet pioneer, Ray Tomlinson has passed away. He died at his home yesterday morning from a suspected heart attack at the age of 74. While best known as the creator of the email messaging system, Tomlinson made tremendous contributions to the field of computing science, evolution of the Internet, and ultimately how the world communicates today. more
Google in partnership with the University of Michigan and the University of Illinois, has published the results of a multi-year study that measured how email security has evolved since 2013. Although Gmail was the foundation of the research, insights from the study are believed to be applicable to email more broadly. more
During the M3AAWG meeting in Brussels earlier this year, Dave Crocker and John Levine were asked to step into an impromptu video studio and talk about how email has changed over the past several decades and whether we are any closer to resolving the spam problem. more
Declan McCullagh reporting in CNET: "The FBI is asking Internet companies not to oppose a controversial proposal that would require the firms, including Microsoft, Facebook, Yahoo, and Google, to build in backdoors for government surveillance. In meetings with industry representatives, the White House, and U.S. senators, senior FBI officials argue the dramatic shift in communication from the telephone system to the Internet has made it far more difficult for agents to wiretap Americans suspected of illegal activities..." more
It is with great sadness that we announce the passing of Jesse David (J.D.) Falk, a highly regarded and long time contributor to CircleID. more
Neil Schwartzman writes to report: "The company announced the Yahoo! Mail Anti-Phishing Platform (YMAP) yesterday. The technology is predicated upon the use of both DKIM and Sender Policy Framework (SPF) to identify authentic messages. As part of the initiative, Yahoo! has partnered with email authenticators Authentication Metrics, eCert, Return Path, and Truedomain to provide broad-band coverage of well-known brands." more
A World-Renowned Source for Internet Developments. Serving Since 2002.