SMTP Smuggling: New Flaw Lets Attackers Bypass Security and Spoof Emails

By Newsroom

A new exploitation technique called Simple Mail Transfer Protocol (SMTP) smuggling can be weaponized by threat actors to send spoofed emails with fake sender addresses while bypassing security measures. "Threat actors could abuse vulnerable SMTP servers worldwide to send malicious emails from arbitrary email addresses, allowing targeted phishing attacks," Timo Longin, a senior security

Related tags
January 3^rd 2024 at 10:42

The Hacker News
Hacking Using SVG Files to Smuggle QBot Malware onto Windows Systems
December 15^th 2022 at 06:02

Hacking Using SVG Files to Smuggle QBot Malware onto Windows Systems

By Ravie Lakshmanan

Phishing campaigns involving the Qakbot malware are using Scalable Vector Graphics (SVG) images embedded in HTML email attachments. The new distribution method was spotted by Cisco Talos, which said it identified fraudulent email messages featuring HTML attachments with encoded SVG images that incorporate HTML script tags. HTML smuggling is a technique that relies on using legitimate features of

Related tags
December 15^th 2022 at 06:02