Security researchers have found an alarming vulnerability in the most common forms of email encryption. They reported it on Monday morning, saying it allowed people to inject malicious code into intercepted emails despite encryption protocols.
So what happens? Well, the vulnerability affects 2 of the most common email encryption protocols – PGP & S/MIME, although the degree of vulnerability depends heavily on the client’s implementation of the protocol. A number of different clients are vulnerable, including
Apple Mail, the Mail app on iOS, & Thunderbird.
If an encrypted email using those clients is intercepted in transit, an attacker could use the new vulnerability to modify the email, adding malicious HTML code before sending it to the target. When the target opens the new email, the malicious code could be used to send back the plaintext of the email, said the team of European researchers.
http://news.google.com May 14, 2018
The weakness could allow a hacker to expose plaintext versions of encrypted messages—a nightmare scenario for users who rely on encrypted email to protect their privacy, security, and safety. The we …
Read more …
http://news.google.com May 14, 2018
The email encryption standards S/MIME — short for Secure/Multipurpose Internet Mail Extensions — and OpenPGP have been in use since the 1990s. S/MIME is frequently deployed by enterprises …
Read more …
http://news.google.com May 14, 2018
This short how-to guides users through the steps necessary to remove the popular open-source encryption plugin GPG Tools (GPGMail) from Apple Mail. It requires deleti …
Read more …
Also read: What’s email personalization is all about
http://news.google.com May 14, 2018
What exactly does “email personalization” mean? For some brands, it means including first name in an email. For others, it’s ab …
Read more …
