July 18, 2024 at 02:23PM Three novel attack techniques chaining vulnerabilities found in email-hosting platforms allow spoofing of emails from over 20 million trusted organization domains. Researchers at PayPal discovered flaws that bypass SPF, DKIM, and DMARC protocols, affecting large email service providers. They plan to disclose these vulnerabilities in an upcoming conference. The attacks … Read more
January 3, 2024 at 06:18AM A new exploitation technique called SMTP smuggling allows threat actors to send malicious emails with fake sender addresses, bypassing security measures. The method exploits vulnerabilities in messaging servers from Microsoft, GMX, and Cisco, impacting SMTP implementations from Postfix and Sendmail. Cisco users are advised to change settings to avoid receiving … Read more
December 18, 2023 at 03:20PM Attackers have developed a novel method called “SMTP smuggling” to exploit vulnerabilities in email servers, allowing them to send spoofed emails from legitimate domains and bypass email security checks. This technique affects servers from Microsoft, GMX, and Cisco, potentially putting organizations at risk for targeted phishing attacks. Microsoft and GMX … Read more