Microsoft alerts of new Phishing campaigns
From Microsoft they have reported that they have seen a increase in malicious campaigns which are based on HTTP Request Smuggling, which attacks how a website processes HTTP request sequences. It must be taken into account that they are vulnerabilities that in many cases are of a critical nature, which is why attackers manage to bypass security measures.
This type of threat is capable of putting at risk different types of devices. For example it can affect a web server, proxy or firewall. It is not a new technique, but with the passage of time it has perfected its attacks and reached more systems.
The main risk with this type of techniques is that in many cases the antivirus are not able to detect them. Antivirus engines have a database with previously discovered threats, but in case it is something new and has not been previously discovered, things get complicated.
This could lead to the theft of data, passwords, sneaking malware … It is a technique that, ultimately, can put our privacy and security in serious danger.
How to avoid these types of attacks
So what can we do to prevent security attacks of this type? The most important thing will always be the common sense. We must avoid making mistakes such as opening an attachment that we have received by email, installing a program from unofficial sources, etc.
On the other hand, it is very important to avoid any type of threats to have a good antivirus, that it is updated, as well as having the latest versions of the operating system. This will prevent the entry of many threats that could put computers at risk.