SMTP Injection vulnerabilities are often misunderstood by developers and security professionals, and missed by static analysis products. This blog will discuss how common SMTP Injection vulnerabilities can exist in libraries and applications, and provide tips for finding and remediating them quickly.
Trustwave MailMarshal has received a major upgrade to version 10.0.5 adding proprietary technologies to greatly increase the security tool’s ability to detect phishing emails, spam and malicious URLs. MailMarshal is already highly effective against phishing, but the new version’s phishing detection ability is boosted by being able to detect 40% of previously ‘hard to detect' samples the addition of these new capabilities.
If you’ve been following my suggestions in this series, then your SaaS sharing configuration now protects sensitive information and your IaaS/PaaS access controls accurately follow the principle of least privilege. Of course, that doesn’t mean you’re done! We must now tame the giant of all file-sharing beasts: email. An email is probably the worst way to share files because there’s no way to limit who sees the file after it is sent.
Email is a universal means of electronic communication used by millions of people. The organization uses them to communicate with the co-employees, suppliers, partners, and customers. It also acts as a suitable medium for cybercrimes to initiate an attack that causes severe damage to the organization. It is estimated that 90% of cyber-attacks emerge from emails. Effective cyber security practices will help the organization prevent attacks and protect the organization.
Can you remember your first email? Either sending one, or receiving it? I certainly remember explaining to people what email was, and I also remember someone telling me they could live without their email server for “about a month before it becomes a problem”. Can you imagine that now? A month without email?
Over the past several years, crypto has become increasingly mainstream. Research has predicted that by the end of 2022, the number of US adults who own at least one cryptocurrency will increase by 19% to 33.7 million. This equates to 12.8% of the population. Naturally, cybercriminals have quickly learned how to cash in on this popularity.
There’s a glimmer of good news amid the ever-evolving IT threat landscape – although it’s come about as a result of worrying illegal activity. Even though recent changes to data privacy laws have placed consumers in control of their personal information, the Federal Trade Commission (FTC) has found that some apps are, in fact, collecting data they don’t need.
Distributing malware through a. ZIP file isn’t anything new, so threat actors are using a new tactic in response to tightening cybersecurity measures across the globe. While most people know not to open an unexpected attachment, these malicious files are starting to pop up in email threads with trusted friends and colleagues — this makes them very easy to fall for.
