European security researchers have found an alarming new vulnerability in the most common forms of email encryption. The attack, described in a report published Monday morning, lets bad actors inject malicious code into intercepted emails, despite encryption protocols designed to protect against code injection. Implemented correctly, the malicious code could be used to steal the entire contents of a target’s inbox.
The vulnerability affects two of the most common email encryption protocols, PGP and S/MIME, although the degree of vulnerability depends heavily on the client’s implementation of the protocol. A number of different clients are vulnerable, including Apple Mail, the Mail App on iOS, and Thunderbird. Notably, many currently...
from
https://www.theverge.com/2018/5/14/17351684/email-encryption-attack-thunderbird-apple-mail-malicious-code-vulnerable
from
https://ifeeltechinc.blogspot.com/2018/05/researchers-have-found-vulnerability-in.html
No comments:
Post a Comment