Published: May 23, 2017
Security Research By: Vikas Singla & Jason Morris
Executive Summary:
Exploit:
The Split Tunnel SMTP Exploit allows an attacker to bypass an organization’s email security gateway and inject messages with malicious payloads directly into the victim’s email server. This exploit targets a newly discovered vulnerability in popular Email Encryption appliances as a backdoor. Injectable payloads can include anything that supports MIME encoding including:
- Ransomware
- Macro Viruses
- Password Protected ZIP Files
- Phishing Attacks