security vulnerability

Statement on Efail research (Gpg4win)

2018/05/17: Gpg4win statement regarding the EFAIL vulnerabilities and its media coverageRead more

SigSpoof: Spoofing signatures in GnuPG, Enigmail, GPGTools and python-gnupg (NeoPG blog post)

2018/06/13: Blog post on the "SigSpoof". Marcus Brinkmann found this vulnerability that allows spoofing “signed” messages that are not actually signed. This post proves the vulnerability and shows the medias' reactionsRead more

How not to prove your election outcome (SwissPost voting system 2nd vuln reporte)

2019/03/25: Public vulnerability report in the SwissPost e-voting system. Explanation and proof of the vulnerability. This is the second report showing vulnerabilities in this e-voting system by the security researchers team of Sarah Jamie Lewis, Vanessa Teague, and Olivier Pereira.

...Read more

Gravierender Mangel am E-Voting-System der Post entdeckt (Republik article)

2019/03/12: Republik article about the vulnerability reported by  security researcher in the Swiss Post e-voting systemRead more

‘Trojan Source’ Bug Threatens the Security of All Code (Krebs on Security)

2021/11/01 : Brian Krebs explains the vulnerability “Trojan Source” in his blog.

Read more

A unified timeline of Efail PGP disclosure events

2018/05/16: Timeline of the Efail vulnerabilities disclosures to PGP vendors and usersRead more

Was the Efail disclosure horribly screwed up? – A Few Thoughts on Cryptographic Engineering (blog post)

2018/05/17: Matthew Green thoughts on the EFAIL vulnerabilities disclosure, its handling and the future of PGPRead more

S/MIME artists: EFAIL email app flaws menace PGP-encrypted chats (The Register Comments section)

2018/05/14: Comments section under the article of The Register "S/MIME artists: EFAIL email app flaws menace PGP-encrypted chats"Read more

Subscribe to security vulnerability