Stealthier phishing attacks possible with new SMTP smuggling technique

4 January 2024

Threat actors could launch stealthier targeted phishing attacks through the new Simple Mail Transfer Protocol smuggling technique, reports The Hacker News. Vulnerable Microsoft, GMX, and Cisco SMTP servers around the world could have inconsistencies in end-of-data sequence management exploited to facilitate arbitrary SMTP command smuggling and the delivery of spoofed emails with fraudulent sender addresses without being detected by Domain-based Message Authentication, Reporting and Conformance, DomainKeys Identified Mail, and Sender Policy Framework protections, a report from SEC Consult showed.

Source: SC Magazine

Date:

4 January 2024

Categorie(s):

NEWS

Tag(s):

IT, Malware, News, SMTP

Accelerated patching found with CISA KEV catalog-listed flaws3 May 2024
New AI security bill unveiled in Senate3 May 2024
US arrests ex-cyber consultant accused of IT firm extortion3 May 2024
Bug hunters can get up to $450,000 for an RCE in Google’s Android apps3 May 2024
Mounting global ransomware attacks significantly impact US3 May 2024