security vulnerability

Vanessa teague's tweet on The CyberWire podcast

Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels

EFAIL Usenix paper, released (in a draft version) on may 14, 2018 due to embargo break. It describes the EFAIL attacks (technique: malleability gadgets) to reveal plaintext of emails encrypted with S/MIME and OpenPGP.Read more

Knights and Knaves Run Elections: Internet Voting and Undetectable Electoral Fraud (IEEE article)

2019/07/04: Institute of Electrical and Electronics Engineers's article on the vulnerability found in the Swiss Post e-voting system, the security of e-voting systems and how to build a trustworthy e-voting system.

Reference: ...Read more

Matthew Green's thread on Swiss Post e-voting system code

S/MIME artists: EFAIL email app flaws menace PGP-encrypted chats (The Register article)

2018/05/14: Article describing the EFAIL vulnerabilities concerning OpenPGP and S/MIME encrypted emailRead more

Sarah Jamie Lewis Tweets on vulnerabilities in Swiss Post e-voting system

How To Turn PGP Back On As Safely As Possible (EFF article)

2018/05/29: EFF recommendation for PGP users on how to react to the EFAIL vulnerabilities disclosureRead more

Subscribe to security vulnerability
Need help with PECE?
Join the PECE Slack channel