Dark Reading Interviews Securolytics Co-Founder

Securolytics recently uncovered a new email exploit we named the Split Tunnel SMTP Exploit.  It allows an attacker to bypass email security gateways and inject malicious messages directly into the victim’s email server.  The good news is that Securolytics Email Encryption customers were always protected against this exploit as our integrated cloud platform performs encryption/decryption and malicious payload inspection in a single process.   Read more “Dark Reading Interviews Securolytics Co-Founder”

Split Tunnel SMTP Exploit Explained

Published: May 23, 2017
Security Research By: Vikas SinglaJason Morris

Executive Summary:

Exploit:

The Split Tunnel SMTP Exploit allows an attacker to bypass an organization’s email security gateway and inject messages with malicious payloads directly into the victim’s email server. This exploit targets a newly discovered vulnerability in popular Email Encryption appliances as a backdoor.  Injectable payloads can include anything that supports MIME encoding including:

  • Ransomware
  • Macro Viruses
  • Password Protected ZIP Files
  • Phishing Attacks

Read more “Split Tunnel SMTP Exploit Explained”

WannaCry Payment Deadline Nears

An update on the WannaCry Ransomware attack. (Source: NY Times) With the clock ticking on whether a global hacking attack would wipe out his data, Bolton Jiang had no intention of paying a 21st-century ransom.  Since a week ago, when the malware first struck, Mr. Jiang has been busily fixing and replacing computers at the electronics company where he works in Shanghai.  Paying is a bother, he said, and there was no guarantee he would get his data back. Read more “WannaCry Payment Deadline Nears”