OpenPGP and S/Mime vulnerability EFAIL discovered

Discussion in '0-day Release' started by RGiskardR, May 15, 2018.

  1. RGiskardR

    RGiskardR Malware Tester Silver Member

    [​IMG]
    EFAIL is the name of a new set of vulnerabilities that allow attackers to exploit issues in OpenPGP and S/Mime to gain access to encrypted messages.

    OpenPGP is an encryption standard that Internet users may use to protect sensitive data such as emails by using encryption. S/Mime is another standard that is widely used in corporate environments.

    EFAIL requires that the attacker managed to gain access to encrypted emails and that the target runs client software that is vulnerable to one of the two available attack types.

    An attacker could gain access to encrypted emails by monitoring network traffic, compromising email servers or the computers of users, or gaining access to backup servers.

    Full reading: https://www.ghacks.net/2018/05/14/openpgp-and-s-mime-vulnerability-efail-discovered/
     
    silversurfer likes this.
  2. Google Adsense

Share This Page