efail (S/MIME, PGP leak)

This topic contains 0 replies, has 1 voice, and was last updated by  BillV 3 months ago.

  • Author
    Posts
  • #168325
     BillV 
    Participant

    “The EFAIL attacks exploit vulnerabilities in the OpenPGP and S/MIME standards to reveal the plaintext of encrypted emails. In a nutshell, EFAIL abuses active content of HTML emails, for example externally loaded images or styles, to exfiltrate plaintext through requested URLs. To create these exfiltration channels, the attacker first needs access to the encrypted emails, for example, by eavesdropping on network traffic, compromising email accounts, email servers, backup systems or client computers. The emails could even have been collected years ago.”

    From here: https://efail.de/

You must be logged in to reply to this topic.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Copyright ©2018 Caendra, Inc.

Sign in with Caendra

Forgot password?Sign up

Forgot your details?