We will kick off the year with demystifying a couple of terms that folks new to the realm of cyber security often mix up. Those are the terms Exfil or DLP. So by the end of the session you will surely understand where you stand the next time you will hear an Exfil has happened to so and so org or a DLP is require here.
Before we get into the weeds, lets review the recent top trending news this week. These are
- A new threat abusing the good old SMTP protocol
- We’ll talk about Terrapin and what protocol that is abusing as well
– https://sec-consult.com: SMTP Smuggling, spoofing e-mails worldwide
– https://www.postfix.org: SMTP Smuggling
– https://arstechnica.com: Millions still haven’t patched Terrapin SSH protocol vulnerability
– https://terrapin-attack.com: Terrapin Attack
– https://attack.mitre.org: ATT&CK