The Latest in IT Security

E-Mail Vulnerabilities and Disclosure

06
Jun
2018
E-Mail Vulnerabilities and Disclosure

istock_43885882_medium

Last week, researchers disclosed vulnerabilities in a large number of encrypted e-mail clients: specifically, those that use OpenPGP and S/MIME, including Thunderbird and AppleMail. These are serious vulnerabilities: An attacker who can alter mail sent to a vulnerable client can trick that client into sending a copy of the plaintext to a web server controlled by that attacker. The story of these vulnerabilities and the tale of how they were disclosed illustrate some important lessons about security vulnerabilities in general and e-mail security in particular.

But first, if you use PGP or S/MIME to encrypt e-mail, you need to check the list on this page and see if you are vulnerable.

Read More

Leave a reply


Categories

SATURDAY, AUGUST 18, 2018

Featured

Archives

Latest Comments

Social Networks