Threat actors could launch stealthier targeted phishing attacks through the new Simple Mail Transfer Protocol smuggling technique, reports The Hacker News.
Inconsistencies in how vulnerable Microsoft, GMX, and Cisco SMTP servers around the world handle end-of-data sequences could be exploited to smuggle arbitrary SMTP commands and deliver spoofed emails with fraudulent sender addresses that go undetected by Domain-based Message Authentication, Reporting and Conformance (DMARC), DomainKeys Identified Mail (DKIM), and Sender Policy Framework (SPF) protections, a report from SEC Consult showed.
Such concerns, which also affect Sendmail's and Postfix's SMTP implementations, have already been remediated by Microsoft and GMX, but Cisco noted that the issue was a feature that did not require fixing.
With Cisco Secure Email instances in their default configurations still vulnerable to inbound SMTP smuggling, SEC Consult has urged users to activate "Allow" in their settings to prevent fraudulent emails with DMARC checks.
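The end-of-data inconsistency described above can be checked for on the receiving side. The following is an added example, not code from the SEC Consult report or any vendor: it scans a raw DATA payload for a lone "." line framed by anything other than the `<CRLF>.<CRLF>` terminator that RFC 5321 defines. The function names and sample bytes are constructed for illustration, and the check assumes access to the payload before any line-ending normalization.

```python
import re

# RFC 5321 ends the DATA phase with exactly <CRLF>.<CRLF>. A lone "." framed by
# any other mix of line breaks is not a terminator per the RFC, but a lenient
# server may accept it as one; that disagreement is what this check flags.
# The trailing line break is a lookahead so back-to-back dot lines are all seen.
_DOT_LINE = re.compile(rb"(\r\n|\r|\n)\.(?=(\r\n|\r|\n))")
CRLF = b"\r\n"


def find_nonstandard_eod(raw_data: bytes) -> list[tuple[int, bytes]]:
    """Return (offset, sequence) for each dot line not framed by CRLF on both sides."""
    findings = []
    for m in _DOT_LINE.finditer(raw_data):
        before, after = m.group(1), m.group(2)
        if before != CRLF or after != CRLF:
            findings.append((m.start(), before + b"." + after))
    return findings


def is_suspicious(raw_data: bytes) -> bool:
    """True if the payload contains any non-standard end-of-data-like sequence."""
    return bool(find_nonstandard_eod(raw_data))


# Constructed sample payloads (not captured traffic).
CLEAN = b"Subject: hi\r\n\r\nbody\r\n..dot-stuffed line\r\n.\r\n"
BARE_LF = b"Subject: hi\r\n\r\nline one\n.\nline two\r\n.\r\n"

if __name__ == "__main__":
    for name, payload in (("clean", CLEAN), ("bare-LF", BARE_LF)):
        hits = find_nonstandard_eod(payload)
        verdict = "REJECT/QUARANTINE" if hits else "ok"
        print(f"{name}: {verdict} {hits}")
```

A filter that finds such a sequence can reject or quarantine the message rather than pass it to a downstream server that may interpret the line breaks differently.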