Last week our content manager, Mindy Affrime, sent me an article about the risks associated with Medical IoT Devices. The article caught my attention because of the author. It was published by the Cyber Security Engineering Department at the University of San Diego. The article names four areas they believe “will be particularly vulnerable to cyber attack[s]” in 2017. Read more “Medical IoT Devices Named Top Security Threat”
Split Tunnel SMTP Exploit Explained
Published: May 23, 2017
Security Research By: Vikas Singla & Jason Morris
Executive Summary:
Exploit:
The Split Tunnel SMTP Exploit allows an attacker to bypass an organization’s email security gateway and inject messages with malicious payloads directly into the victim’s email server. This exploit targets a newly discovered vulnerability in popular Email Encryption appliances as a backdoor. Injectable payloads can include anything that supports MIME encoding including:
- Ransomware
- Macro Viruses
- Password Protected ZIP Files
- Phishing Attacks