Post by VMRay

🇵🇹 Despite years of investment in Secure Email Gateways, #phishing is still one of the most effective ways into an organization. The question worth asking isn't why attackers keep trying. It's why they keep succeeding. https://lnkd.in/dmaREexF Tomorrow, VMRay is at BSides Porto. And on Day 2, Andrey Voitenko, CISSP takes the stage to dig into exactly that. His talk, looks at a structural reason phishing slips through: #SEGs are built for #speed and #scale, processing huge volumes of email with minimal latency. That optimization comes at the cost of depth, and sophisticated campaigns are designed to exploit exactly that blind spot: Multi-stage redirect chains. QR codes. SVG images. HTML smuggling. Geolocation- and time-based payload activation. Andrey will also cover a practical, often-overlooked fix: connecting your User-Reported Phishing program to advanced #sandboxing that operates outside real-time delivery constraints. The kind that simulates real user interaction, follows complex redirect paths, and exposes evasive payloads safely, with real-world examples including QR-code attacks and ClickFix. If you're in Porto, catch the talk. Let's have a conversation after. #BSidesPorto #Phishing #SOC #ThreatDetection #MalwareAnalysis