Cybersecurity researchers have uncovered a critical vulnerability affecting over 20 million trusted domains, including those belonging to Fortune 500 companies and government agencies.
The flaw, discovered by PayPal security experts, exploits weaknesses in email hosting providers, allowing attackers to bypass essential security protocols like SPF, DKIM, and DMARC. By chaining together multiple vulnerabilities, cybercriminals can send malicious emails that appear to originate from legitimate sources, increasing the risk of phishing and data breaches.
The researchers will unveil the specific attack techniques and affected vendors at the Black Hat USA conference in August. While some email providers have options to mitigate the issue, many large organizations continue to use vulnerable default settings, expanding the attack surface.
Experts recommend organizations strengthen their email security measures, including enforcing SPF, DKIM, and DMARC, using advanced email filtering solutions, and staying updated on the latest threats.
The discovery highlights the ongoing challenge of securing email communications and underscores the need for robust defenses against sophisticated cyberattacks.