Friday , April 18 2025

Google, Yahoo announce new email authentication requirements for 2024

Google and Yahoo will implement new email authentication rules in 2024. Starting in early 2024, Gmail and Yahoo Mail will require bulk email senders to authenticate their emails using methods like DMARC, SPF, and DKIM.

The move aims to assist companies in detecting and blocking harmful messages, reducing clutter in users’ inboxes, and limiting attackers’ ability to exploit resources undetected. Gmail and Yahoo stated that bulk senders must make it easy for people to unsubscribe and ensure that they only send wanted email.

16,000+ Fortinet devices compromised with symlink backdoor, Mostly in Asia

According to Shadowserver Foundation around 17,000 Fortinet devices worldwide have been compromised using a new technique called "symlink". This number...
Read More
16,000+  Fortinet devices compromised with symlink backdoor, Mostly in Asia

Patch now! Critical Erlang/OTP SSH Vuln Allows UCE

A critical security flaw has been found in the Erlang/Open Telecom Platform (OTP) SSH implementation, allowing an attacker to run...
Read More
Patch now! Critical Erlang/OTP SSH Vuln Allows UCE

CISA warns of increasing risk tied to Oracle legacy Cloud leak

On Wednesday, CISA alerted about increased breach risks due to the earlier compromise of legacy Oracle Cloud servers, emphasizing the...
Read More
CISA warns of increasing risk tied to Oracle legacy Cloud leak

CVE-2025-20236
Cisco Patches Unauthenticated RCE Flaw in Webex App

Cisco issued a security advisory about a serious vulnerability in its Webex App that allows unauthenticated remote code execution (RCE)...
Read More
CVE-2025-20236  Cisco Patches Unauthenticated RCE Flaw in Webex App

Apple released emergency security updates for 2 zero-day vulns

On Wednesday, Apple released urgent operating system updates to address two security vulnerabilities that had already been exploited in highly...
Read More
Apple released emergency security updates for 2 zero-day vulns

Oracle Released Patched for 378 flaws for April 2025

On April 15, 2025, Oracle released a Critical Patch Update for 378 flaws for its products. The patch update covers...
Read More
Oracle Released Patched for 378 flaws for April 2025

CVE-2025-24054
Hackers Exploiting NTLM Spoofing Windows Vuln the in Wild

Check Point Research warns of the active exploitation of a new vulnerability, CVE-2025-24054, which lets hackers leak NTLMv2-SSP hashes using...
Read More
CVE-2025-24054  Hackers Exploiting NTLM Spoofing Windows Vuln the in Wild

Bengaluru firm got ransomware attack, Hacker demanded $70,000

Bengaluru's Whiteboard Technologies Pvt Ltd was hit by a ransomware attack, with hackers demanding a ransom of up to $70,000...
Read More
Bengaluru firm got ransomware attack, Hacker demanded $70,000

MITRE warns: U.S. Govt. Funding for MITRE’s CVE Ends Today

MITRE Vice President Yosry Barsoum warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness...
Read More
MITRE warns: U.S. Govt. Funding for MITRE’s CVE Ends Today

PwC exits more than a dozen countries in push to avoid scandals: FT reports

PwC has ceased operations in more than a dozen countries that its global bosses have deemed too small, risky or...
Read More
PwC exits more than a dozen countries in push to avoid scandals: FT reports

ALSO READ:

Apple released security patches for iOS 17.0.3 and iPadOS 17.0.3

The absence of secure email authentication protocols puts organizations and users at higher risk of business email compromise (BEC) and phishing attacks. A study conducted by cybersecurity company Proofpoint in June discovered that fewer than half (47%) of the 150 banks in the UK implemented the highest level of DMARC, which is the recommended level. This exposes customers, staff, and stakeholders to a greater risk of impersonation attacks through email, as stated by the vendor.

Bulk Gmail, Yahoo Mail senders must authenticate following best practices:

Many bulk senders don’t appropriately secure and configure their systems, allowing attackers to easily hide in their midst, Google wrote. “To help fix that, we’ve focused on a crucial aspect of email security: the validation that a sender is who they claim to be. As basic as it sounds, it’s still sometimes impossible to verify who an email is from given the web of antiquated and inconsistent systems on the internet.”

In the first quarter of 2024, Gmail and Yahoo Mail will start to require bulk senders to strongly authenticate their emails following best practices. “Ultimately, this will close loopholes exploited by attackers that threaten everyone who uses email,” according to Google.

“We firmly believe that users worldwide deserve a more secure email environment, with fewer unwanted messages for an improved overall experience,” said Neil Kumaran, group product manager, Gmail security and trust. “We look forward to working with peers across the industry to boost the adoption of these email standards that benefit everyone.”

No matter who their email provider is, all users deserve the safest, most secure experience possible, commented Marcel Becker, senior director of product at Yahoo. “In the interconnected world of email, that takes all of us working together.

Yahoo plans to collaborate with Google and other email providers to establish new industry standards. Google and Yahoo have already issued guidelines for improving email systems, which will be enforced starting next year.

Check Also

ANY.RUN

Top 10 Malware Threats of the Week: Reports ANY.RUN

Cybersecurity platform ANY.RUN recently reported the top 10 malware threats of the week, highlighting a …

Leave a Reply

Your email address will not be published. Required fields are marked *