security vulnerability

Trojan Source: Invisible Vulnerabilities (Boucher and Anderson article)

2021/10/30 : Nicholas Boucher and Ross Anderson "present a new type of attack in which source code is maliciously encoded so that it appears different to a compiler and to the human eye." This new threat has been called 'Trojan Source'.

Read more

Critical Flaws in PGP and S/MIME Tools Can Reveal Encrypted Emails in Plaintext (TheHackerNews article)

2018/05/14: Article on the EFAIL vulnerbilities concerning OpenPGP and S/MIME encrypted emailRead more

Swiss Post puts e-voting on hold after researchers uncover critical security errors

2019/04/05: The Daily Swig article reviewing the controversies surrounding the Swiss Post public intrusion test for their e-voting systemRead more

EFF : Attention PGP Users New Vulnerabilities Require You To Take Action Now (EFF article)

2018/05/14: EFF statement regarding the newly disclosed vulnerabilities affecting PGP and S/MIME usersRead more

Paypal bug $10K - All Secondary users account takeover leads to unauthorized money transfer from paypal business accounts (blog post)

2019/07/30: Mohd Haji's blog post on one of findings in Paypal. Explanation of the vulnerability he found and the steps he took.Read more

Efail or OpenPGP is safer than S/MIME (W. Koch email)

2018/05/14: Werner Koch statement on EFAIL vulnerabilities concerning OpenPGP and S/MIME encrypted emailRead more

‘Trojan Source’ Bug Threatens the Security of All Code (Krebs on Security)

2021/11/01 : Brian Krebs explains the vulnerability “Trojan Source” in his blog.

Read more

PGP und S/MIME abschalten (Golem article)

2018/05/14: Article on the disclosed vulnerabilities in OpenPGP and S/MIMERead more

HTML MAils have no Security Concept and are to blame (Hanno's blog)

2018/06: Hanno Böck's toughts and opinions on HTML mails and its roles in the EFAIL vulnerabilitiyRead more

A unified timeline of Efail PGP disclosure events

2018/05/16: Timeline of the Efail vulnerabilities disclosures to PGP vendors and usersRead more

Subscribe to security vulnerability