Using a novel attack method called SMTP Smuggling, malevolent actors can send spoof emails that get around authentication restrictions.
Timo Longin, a researcher well-known for his work on DNS attacks, and SEC Consult, a cybersecurity consulting firm affiliated with the digital transformation enterprise Eviden, jointly uncovered SMTP Smuggling. The attack method targets the Simple Mail Transfer Protocol (SMTP), which is frequently used by mail servers for email transmission, reception, and relaying.
Its specifics were made public on Monday. An attacker can take advantage of variations in how inbound and outgoing SMTP servers interpret a sequence that indicates the end of message data, as demonstrated by Longin and SEC Consult.
Read More: SMTP Smuggling Allows Spoofed Emails to Bypass Authentication Protocols
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.