security vulnerability

GnuPG Flaw in Encryption Tools Lets Attackers Spoof Anyone's Signature (The Hacker News article)

2018/06/15: Article about the SigSpoof vulnerability which makes it possible for attackers to fake digital signaturesRead more

How To Turn PGP Back On As Safely As Possible (EFF article)

2018/05/29: EFF recommendation for PGP users on how to react to the EFAIL vulnerabilities disclosureRead more

S/MIME artists: EFAIL email app flaws menace PGP-encrypted chats (The Register Comments section)

2018/05/14: Comments section under the article of The Register "S/MIME artists: EFAIL email app flaws menace PGP-encrypted chats"Read more

Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels (draft 0.9.1)

Description of attacks (technique: malleability gadgets) to reveal plaintext of emails encrypted with S/MIME and OpenPGPRead more

Major eFail Vulnerability Exposes PGP Encrypted Email -- UPDATED (Forbes article)

2018/05/14: Article reviewing the story of the EFAIL vulnerabilities concerning PGP encrypted emailRead more

How not to prove your election outcome (SwissPost voting system 2nd vuln reporte)

2019/03/25: Public vulnerability report in the SwissPost e-voting system. Explanation and proof of the vulnerability. This is the second report showing vulnerabilities in this e-voting system by the security researchers team of Sarah Jamie Lewis, Vanessa Teague, and Olivier Pereira.

First...Read more

Was the Efail disclosure horribly screwed up? – A Few Thoughts on Cryptographic Engineering (blog post)

2018/05/17: Matthew Green thoughts on the EFAIL vulnerabilities disclosure, its handling and the future of PGPRead more

Gravierender Mangel am E-Voting-System der Post entdeckt (Republik article)

2019/03/12: Republik article about the vulnerability reported by  security researcher in the Swiss Post e-voting systemRead more

Critical Flaws in PGP and S/MIME Tools Can Reveal Encrypted Emails in Plaintext (TheHackerNews article)

2018/05/14: Article on the EFAIL vulnerbilities concerning OpenPGP and S/MIME encrypted emailRead more

Subscribe to security vulnerability