Security researchers from SquareX have discovered what they describe as critical flaws in the attachment scanning process of major email service providers, including Apple, Google, Microsoft, and Yahoo, reports Forbes.
Security researchers at web browser security startup SquareX have exclusively shared the results of their latest research with Forbes, research that examined the scanning of emails for malicious attachments by the leading email services. By collating 100 malicious document samples categorized into four broad groups, the researchers were able to confirm that email services such as Google Gmail, Microsoft Outlook, Apple iCloud, Yahoo! Mail, and AOL are all lacking in one aspect of security protection for users: the scanning of email attachments, which proved to be inadequate, to say the least.
The researchers say the four malicious document categories consisted of:
° Original malicious documents from Malware Bazaar;
° Slightly altered malicious documents from Malware Bazaar, such as changes in metadata and file formats;
° Malicious documents modified using attack tools that have existed for many years;
° Basic macro-enabled documents that execute programs on user devices.
Read the entire Forbes article for details.
Article provided with permission from AppleWorld.Today
