security vulnerability

Swiss Post tweet on the discovered error in their e-voting system source code

tweet_swiss_post_2019.03.12.png

Die wichtigsten Fakten zu Efail (Golem article)

2018/05/22: Article analyzing and answering questions linked to the EFAIL vulnerabilitiesRead more

GnuPG Flaw in Encryption Tools Lets Attackers Spoof Anyone's Signature (The Hacker News article)

2018/06/15: Article about the SigSpoof vulnerability which makes it possible for attackers to fake digital signaturesRead more

Major eFail Vulnerability Exposes PGP Encrypted Email -- UPDATED (Forbes article)

2018/05/14: Article reviewing the story of the EFAIL vulnerabilities concerning PGP encrypted emailRead more

Critical Flaws in PGP and S/MIME Tools Can Reveal Encrypted Emails in Plaintext (TheHackerNews article)

2018/05/14: Article on the EFAIL vulnerbilities concerning OpenPGP and S/MIME encrypted emailRead more

Sarah Jamie Lewis Tweets on vulnerabilities in Swiss Post e-voting system

jamie_lewis_tweet_3.png

Release of source code leads to discovery of flaw in Swiss Post’s new e-voting system (Federal Chancellery press release)

2019/03/12: Federal Chancellery official press release about the flaws found in the Swiss Post e-voting system. The Federal Chancellery calls for Swiss Post to review and improve it's system's security process and "will review the relevant certification and authorization procedures." The...Read more

PGP und S/MIME: E-Mail-Verschlüsselung akut angreifbar (Heise Security article)

2018/05/14: Article on the EFAIL vulnerabilities concerning OpenPGP and S/MIME encrypted emailRead more

#EFail - the security industry and the importance of nuance (HackDefense article)

2018(05/14: Article criticizing the handling of the EFAIL vulnerabilities disclosureRead more

Trapdoor commitments in the SwissPost e-voting shuffle proof

2019/03/12 : Report of researchers who found a vulnerability in the SwissPost e-voting shuffle. The trapdoor commitment scheme allows an undetectable vote manipulation.

Full version here Read more

Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels

EFAIL Usenix paper, released (in a draft version) on may 14, 2018 due to embargo break. It describes the EFAIL attacks (technique: malleability gadgets) to reveal plaintext of emails encrypted with S/MIME and OpenPGP.Read more

security vulnerability

Swiss Post tweet on the discovered error in their e-voting system source code

tweet_swiss_post_2019.03.12.png

Die wichtigsten Fakten zu Efail (Golem article)

GnuPG Flaw in Encryption Tools Lets Attackers Spoof Anyone's Signature (The Hacker News article)

Major eFail Vulnerability Exposes PGP Encrypted Email -- UPDATED (Forbes article)

Critical Flaws in PGP and S/MIME Tools Can Reveal Encrypted Emails in Plaintext (TheHackerNews article)

Sarah Jamie Lewis Tweets on vulnerabilities in Swiss Post e-voting system

jamie_lewis_tweet_3.png

Release of source code leads to discovery of flaw in Swiss Post’s new e-voting system (Federal Chancellery press release)

PGP und S/MIME: E-Mail-Verschlüsselung akut angreifbar (Heise Security article)

#EFail - the security industry and the importance of nuance (HackDefense article)

Trapdoor commitments in the SwissPost e-voting shuffle proof

Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels

Sarah Jamie Lewis' thread on Scytl statements

thread_10.png

Search form

security vulnerability