krinkle, Timo Longin @login introduces SMTP smuggling, a novel technique to spoof fully SPF-validated emails from various popular domains including @microsoft.com.
Wow. It's incredible nobody found this before. It's the first of its kind. Probably not the last...!
Related:
https://media.ccc.de/v/37c3-11782-smtp_smuggling_spoofing_e-mails_worldwide
https://www.postfix.org/smtp-smuggling.html
https://www.malwarebytes.com/blog/news/2024/01/explained-smtp-smuggling#SmtpSmuggling #37C3 #SMTP #vulnerability #infosec #TimoLongin #security
Add comment