New SHA-1 Attack

There's a new, practical, collision attack against SHA-1: In this paper, we report the first practical implementation of this attack, and its impact on real-world security with a PGP/GnuPG impersonation attack. We ...
What type of encrypted email is right for your enterprise?

What type of encrypted email is right for your enterprise?

Encrypted email describes email messages which have been encoded to prevent unauthorized access to their contents. Given the frequent number of targeted attacks and impersonations through email, forward-thinking enterprises have embraced encrypted ...

E-Mail Vulnerabilities and Disclosure

Last week, researchers disclosed vulnerabilities in a large number of encrypted e-mail clients: specifically, those that use OpenPGP and S/MIME, including Thunderbird and AppleMail. These are serious vulnerabilities: An attacker who can ...
Facebook

The Shared Security Weekly Blaze – Efail Vulnerabilities and PGP Encryption, Facebook’s App Investigation, Nest Password Notifications

This is the Shared Security Weekly Blaze for May 21, 2018 sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions, Silent Pocket and CISOBox. This episode ...
Researchers Warn of Serious Flaws in PGP and S/MIME Email Encryption

Researchers Warn of Serious Flaws in PGP and S/MIME Email Encryption

A team of security researchers has found serious flaws in how email clients handle PGP and S/MIME encrypted emails that could allow attackers to steal the contents of sensitive communications. On May ...
Security Boulevard

Details on a New PGP Vulnerability

A new PGP vulnerability was announced today. Basically, the vulnerability makes use of the fact that modern e-mail programs allow for embedded HTML objects. Essentially, if an attacker can intercept and modify ...

IBE and PGP

Identity-based encryption (IBE) was first proposed by Adi Shamir over 25 years ago, developed by Dan Boneh and Matt Franklin in one scheme, and Clifford Cocks in another. If these names don't ...

Cheap as chips, safe as… chips.

I'm constantly amazed at how little strategy there is in most organisations. It doesn't matter how big or how small, I have rarely come across an organisation that has a fully joined ...

De facto

| | pgp
Always good to pad out a post with a bit of Wikipedia:De facto is a Latin expression that means 'concerning fact'. Inlaw, it is meant to mean 'in practice but not necessarily ...