The Attack You Never See Coming: HTML Smuggling + Quasar RAT

HTML attachment attacks are increasing as more organisations move to URL rewriting, and attackers work to bypass click time protection. Opening the attachment in a browser means its almost indistinguishable to an end user, who may not associate links in emails and links in attachments as different things, but the security challenges a lot of vendors face in being able to scan and block these attachments mean too many of these reach user's inboxes.The video below helps to demonstrate how easy it can be for attackers to package an intrusive malware, like a remote access trojan, into an otherwise legitimate email, and trick users into downloading and executing payloads on their behalf. The videos are designed to show you how easy it can be for even sophisticated attackers to put your organisation, or even your friends and family, at risk.