An active campaign has been spotted that uses HTML smuggling to deliver malware. The attack, dubbed Duri, uses a JavaScript blob technique to smuggle malicious files via the browser to the user s endpoint (i.e., HTML smuggling) The attack has been ongoing since July, says Menlo Security’s Krishnan Subramanian. Learn more about this latest attack and how enterprises can protect themselves from HTML-smuggling attacks, on the Threatpost podcast this week.
Source: https://threatpost.com/active-malware-campaign-html-smuggling/158439/