"Trump shares hug with Whitmer upon arrival in Michigan."
No. Trump forced a hug on Whitmer, and she kept him at elbow length. #FTFY
Bank loans in Cyprus surge by €429.9m in March — deposits fall by €66.3m
Banks in Cyprus recorded a net decrease of €66.3 million in deposits and a significant increase of €429.9 million in loans during March 2025, according to a
BYTESEU (Bytes Europe)
I probably don't understand DKIM signing well enough, but I'm seeing tens of thousands of fraudulent messages claiming to originate from PayPal that are sent via *.outlook.com mail servers. These messages fail SPF but pass DKIM.
(Legitimate PayPal messages tend to come from *.paypal.com mail servers and pass both SPF and DKIM.)
Does that mean that the outlook.com servers are successfully DKIM-signing messages on behalf of PayPal?
7 money habits millionaires practice daily that most people overlook - EUROPE SAYS
Most people assume millionaires do something radically different with their money. And in a way, they do. But it’s not what you think. It’s not private equity
EUROPE SAYS
Irish politician Jen Whitmore speaks out on the #Kneecap furor:
"The criticism levelled at Belfast rap group Kneecap over their statements about Israel is a distraction from the issue at hand.
#Israel is committing a #genocide in #Gaza – any deflection from that fact is completely inappropriate."
#Ireland #Belfast #FreePalestine
Scandalous Foods raises funds in ongoing Seed round led by New Age India Fund - EUROPE SAYS
Business-to-business (B2B) Indian sweets brand Scandalous Foods has raised Rs 2 crore in an ongoing seed funding round led by New Age India Fund. The startup
EUROPE SAYS
Zelenskyy: Russia is preparing something in Belarus under guise of military drills
Volodymyr Zelenskyy. Photo: Getty Images
BYTESEU (Bytes Europe)
Today in 1492, 533 years ago: in Spain, the Catholic Monarchs ordered that the ships of Palos de la Frontera (Huelva) be placed at the service of Christopher Columbus and issued in favor of Columbus the titles of admiral, viceroy and governor of the lands he discovered.
VP Vance Takes On Nike's Alleged Funding Of Youth Trans Study: 'Craziness Hasn't Gone
Published April 29, 2025 3:32 PM EDT • Updated April 29, 2025 3:42 PM EDT
EUROPE SAYS
Ukraine Said 120,000 ‘Unusable’ Mortar Shells Sent to Front Line
Ukraine's internal security bureau said on Tuesday that it had detained four people after investigating the supply of 120,000 defective mortar shells to its
BYTESEU (Bytes Europe)
Pete Hegseth accidentally roasts Noem and Rubio as he shuts down 'woke' Pentagon program - EUROPE
US Defense Secretary Pete Hegseth canceled a program that sought to increase the role of women in national security sectors that was first signed into law by
EUROPE SAYS
loc.gov/resource/mcc.028/
How ICE is becoming a secret police force under the Trump administration
The US Immigration and Customs Enforcement meets most criteria that have defined secret police forces in authoritarian regimes. And the worst may be yet to come.
The Conversation
youtube.com/watch?v=W2kDntpA-T…
Joe Tex- I Gotcha (Soul Train 1972)
Joseph Arrington, Jr. (August 8, 1935 -- August 13, 1982), better known as Joe Tex, was an American musician who gained success in the 1960s and 1970s with h...
YouTube
Enemy losses: over the past day the Armed Forces of Ukraine eliminated 1,100 occupiers and destroyed 11 artillery systems
According to the General Staff, on April 29 Ukrainian troops eliminated 1,100 Russian soldiers. 11 enemy artillery systems and other equipment were also destroyed.
Vadym Khliudzynskyi (UNN)
Pressed for evidence against Mahmoud Khalil, Rubio argues his presence undermines U.S. foreign policy -
NEW YORK (AP) — Facing a deadline from an immigration judge to turn over evidence for its attempted deportation of Columbia University activist Mahmoud
EUROPE SAYS
K-State signs Serbian star Andrej Kostic
MANHATTAN, Kan. (KCTV) - One of the youngest stars in Serbian basketball is coming to Manhattan, Kansas, for this upcoming season of college basketball.
BYTESEU (Bytes Europe)
bbc.com/news/articles/cvgpey03…
Government not taking climate threats seriously - watchdog
The government has made little progress in preparing the UK for rising temperatures, climate watchdog the CCC says.
Mark Poynting and Justin Rowlatt (BBC News)
Drones attacked Russia's Rylsk – video of the hits
The Russian Ministry of Defense traditionally reports only on "shot down and intercepted" UAVs, while local social media channels show videos of hits and fires.
Oksana Zhytniuk (LIGA.net)
Baker, unbelievable crap
Covers your figure and is highly versatile: why blue pants are recommended for people in their 40s news.livedoor.com/article/deta…
A woman in her 40s bought them on the spot for 2,990 yen! Figure-covering pants from an unexpected budget brand - livedoor News
Temperatures keep rising, and this is the time of year when it is hard to decide what to wear. This time, ESSE Friends editor and fashion adviser Yuko Teshigawara (in her 40s) [on] American Holic (Amehori) budget-priced pa… that look set to stay useful through summer
ESSE-online (livedoor News)
I can't lie, the Whitmer one hurts. I don't even have jokes this time.
See, this is why I have trust issues!
(🤔Okay maybe one joke.)
@blogdiva
apnews.com/article/trump-gretc…
"Whitmer has softened her stance toward Trump in hopes of finding common ground, with securing a new mission for Selfridge Air National Guard Base a top priority."
Nice
Hugz & xXx
mashable.com/article/elon-musk…
Elon Musk's X lost 11 million users in the EU over the past 5 months
Millions of people in France and Germany have left X, according to X itself.
Matt Binder (Mashable)
Dutch Municipality Accidentally Discards a 1980s Warhol Print
A portrait of former Queen Beatrix of the Netherlands might have been worth tens of thousands of dollars. It was probably thrown out during a renovation.
news.kawaii.gdn/vuhGh3
Published: 28 Apr 2025, 17:36
Vatican issues 'sede vacante' postage stamps valid until a new pope is elected - EUROPE SAYS
VATICAN CITY — Vatican post offices and selected collectors’ shops this week started selling special stamps marking the period between Pope Francis' death and
EUROPE SAYS
'Five decades of dedication': Crookwell Dogs celebrate 50-year reunion
The reunion recognised the strong traditions on which the club was founded
news.kawaii.gdn/xCAnvL
Published: 29 Apr 2025, 07:00
Crookwell Rugby Club's 50th reunion unites legends young and old
Join Crookwell Rugby Club as it celebrates 50 years with events uniting past players and families, boosting community spirit.
Rachael Croker (Goulburn Post)
CPI falls within RBA target range; lowest level since 2021
Core inflation dropped below 3 per cent for the first time since 2021, reinforcing expectations of a May 20 rate cut.
news.kawaii.gdn/ySZtE2
Published: 30 Apr 2025, 02:15
Amazon allegedly mulls displaying Trump tariff costs: Report
The White House calls the decision ‘hostile’ as the e-commerce giant denies any proposal is under consideration.
news.kawaii.gdn/XXZ2uu
Published: 29 Apr 2025, 16:40
Back to Reality with the Time Brick
hackaday.com/2025/04/29/back-t…
There are a lot of distractions in daily life, especially with all the different forms of technology and their accompanying algorithms vying for our attention in the modern world. [mar1ash] makes t…
Hackaday
Hans Zimmer’s music is in all your favourite films – but off screen, something was missing
Seeing Hans Zimmer’s music performed live is a little like seeing the MSO if they were all wearing leather and performing in an arena with drunk male hecklers.
news.kawaii.gdn/7R4WsV
Published: 30 Apr 2025, 03:37
20 million plug-in cars sold in China
By the end of 2024, there had been 10 million plug-in cars (EV and plug-in hybrids) sold in China. This year, it looks as if another 10 million will be sold. It took 14 years to get to the first 10 million, and will likely take just one year to get to the second 10 million.
volewica.blogspot.com/2025/04/…
Inside the new George Kittle deal - EUROPE SAYS
The 49ers and tight end George Kittle finalized a new five-year contract on Tuesday.
EUROPE SAYS
Russians want to win more than we do: chief of staff of the Ukrainian Volunteer Corps "Right Sector" on "busification", the collapse of Russia and red lines
First the balalaikas appear, and then Girkin arrives.
Artur Hor (Telegraf)
Today in 1999, 26 years ago: Neo-Nazi David Copeland carries out the last of his three nail bombings in London at the Admiral Duncan gay pub, killing three people and injuring 79 others.
cR0w
in reply to Chris Herdt • • •Kind of. The SPF fails, which means that the sending server is likely not the correct email server for PayPal. The reason the DKIM passes is because the DKIM headers are provided by the email itself, including the selector. The receiving server doing the DKIM lookup checks that selector and makes sure the signature matches the selector in the email, which is specified by the sender. That's it. And because the attacker controls the sending server AND the email headers, it passes. SPF is what is relied on (with caveats and nuance) to confirm the sending server matches what the domain admin specifies as the legitimate server(s).
Does that make sense? It did in my head. It's hard to think through it quickly in a little text message. 😆
cR0w
in reply to cR0w • • •Put more simply:
SPF verifies the sending server is one that is specified by the domain admin(s).
DKIM verifies that the message came from the server that the email itself says it came from.
Chris Herdt
in reply to cR0w • • •so if I wanted to send a message from service@paypal.com via mx1.example.com, mx1.example.com could DKIM-sign it to verify it came from mx1.example.com?
I thought DKIM should help prevent spoofed/forged from addresses, but if anyone can sign a message from service@paypal.com then I don't see what good that does
cR0w
in reply to Chris Herdt • • •DKIM prevents forged / spoofed server addresses. It ensures that the message really did originate from where it says it did. SPF is used to verify that the sending server is authorized by the domain to send email on its behalf. Then DMARC tells the receiving server what to do if those checks fail.
So yes, anyone could set up a mail server to send email from, for example, paypal dot com. They can then configure DKIM to sign all of those emails, proving they came from that particular server. They can then publish the DKIM key so that the recipients can confirm the integrity of the message itself and that it really did come from the rogue server. However, SPF would fail.
The opposite also happens. A message could have spoofed headers to lie about the sending server, and have it match the published SPF records for, say paypal dot com. But because they won't have the DKIM private key(s), they will not be able to sign the message. In this case, the message would pass SPF but fail DKIM. Successfully spoofing both of them is relatively resource-expensive and in my experience, quite rare.
Then with DMARC, it's basically brand protection. If for example paypal does not have a strong published policy to reject failures, emails that fail SPF and / or DMARC might be continued and delivered by the receiving server, unless it is configured to follow the checks strictly regardless of the published policy of the sending server.
Hopefully that helps clarify it a bit more.
Chris Herdt
in reply to cR0w • • •I see what is happening now -- the messages *are* from PayPal, and that explains the valid DKIM sig. There's no compromised key here.
The threat actor is making a payment from one PayPal account they control to another PayPal account they control. In the notes field, they add text like: "Don't recognize this transaction? Call 1-888-FAKE-PAY" hoping that the recipient will panic about the unexpected payment and make the call.
I still don't entirely understand how the messages (say to a rando yahoo.com address) are getting to my users. Maybe forwarding rules set up by the threat actor? I also don't understand why we're seeing these hit our mail servers only from *.outlook.com servers.
But at least I feel better that a message from paypal.com with a valid sig was signed using a valid paypal.com DKIM signing key.
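An added example, not part of the thread above: a minimal DMARC-style alignment check (RFC 7489) showing why a forwarded message can fail SPF yet still authenticate through a DKIM signature whose `d=` domain matches the From domain, while a signature from an unrelated domain does not count. The headers, the `mx.recipient.example` host and the selectors are constructed samples, and the two-label organizational-domain rule is a stated simplification.

```python
import re

def org_domain(domain):
    # Simplification (assumption): organizational domain = last two labels.
    # A real evaluator uses the Public Suffix List (RFC 7489, section 3.2).
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def parse_auth_results(header):
    """Extract (method, result, domain) tuples from an Authentication-Results value."""
    found = []
    for clause in header.split(";")[1:]:  # first part is the authserv-id
        m = re.match(r"\s*(spf|dkim)=(\w+)", clause)
        if not m:
            continue
        # DKIM is identified by its d= domain, SPF by the envelope sender domain.
        prop = "header.d" if m.group(1) == "dkim" else "smtp.mailfrom"
        d = re.search(re.escape(prop) + r"=(\S+)", clause)
        domain = d.group(1).split("@")[-1] if d else ""
        found.append((m.group(1), m.group(2), domain))
    return found

def dmarc_eval(from_domain, header):
    """DMARC passes if ANY passing SPF or DKIM result is aligned with From."""
    aligned = [
        method for method, result, domain in parse_auth_results(header)
        if result == "pass" and domain
        and org_domain(domain) == org_domain(from_domain)
    ]
    return ("pass" if aligned else "fail", aligned)

# Constructed sample headers (not taken from real traffic).
# 1) Genuine notification relayed by a forwarder: SPF breaks, DKIM survives.
FORWARDED = ("mx.recipient.example; spf=fail smtp.mailfrom=service@paypal.com; "
             "dkim=pass header.d=paypal.com header.s=sel1")
# 2) A third-party server signs with its own key while From: claims paypal.com.
THIRD_PARTY = ("mx.recipient.example; spf=fail smtp.mailfrom=bounce@paypal.com; "
               "dkim=pass header.d=example.com header.s=mail")

if __name__ == "__main__":
    for name, hdr in (("forwarded", FORWARDED), ("third-party", THIRD_PARTY)):
        print(name, dmarc_eval("paypal.com", hdr))
```

A bare `dkim=pass` in a log is therefore not enough for triage; record which `d=` domain produced the pass and whether it aligns with the visible From domain.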