CSOonline

SMTP smuggling enables email spoofing while passing security checks

Security researchers have found inconsistencies in how some Simple Mail Transfer Protocol (SMTP) servers handle end-of-data sequences. This allows the injection of SMTP commands into email messages in ...
ZDNet

Axis releases updates for three new vulnerabilities found by security company

Nozomi Networks Labs unveiled three different vulnerabilities in video recording device software from Axis. Axis has already released firmware updates addressing each issue after being notified about ...
Ars Technica

What all the stuff in email headers means—and how to sniff out spoofing

I pretty frequently get requests for help from someone who has been impersonated—or whose child has been impersonated—via email. Even when you know how to “view headers” or “view source” in your email ...
Ars Technica

Hiding internal private IP in SMTP headers?

I've configured our internal Exchange servers to relay outbound mail through a proxy/firewall. <BR><BR>I've noticed that the headers on external emails contain the private IPof the internal mailserver ...
Threat Post

IP Surveillance Bugs in Axis Gear Allow RCE, Data Theft

Three security vulnerabilities in Axis video products could open up the door to a bevy of different cyberattacks on businesses. Three vulnerabilities in the IP video-surveillance systems created by ...
Threat Post

Facebook, Yahoo Curb Identity Theft with New Email Ownership Header

A new SMTP header developed by Facebook and Yahoo confirms ownership of Yahoo email accounts. Yahoo’s decision in June 2013 to reset accounts that had been dormant for 12 months and make them ...
ZDNet

Can greylisting help stem the tide of junk e-mail?

When the valid SMTP connection tries to e-mail again, the server won't block valid messages because the greylist-enabled server matches the IP address, as well as information in the MAIL FROM and RCPT ...