PGP

Pierluigi Paganini May 14, 2018
Researchers disclosed details of EFAIL attacks on in PGP and S/MIME tools. Experts believe claims are overblown

EFAIL attacks – Researchers found critical vulnerabilities in PGP and S/MIME Tools, immediately disable and/or uninstall tools that automatically decrypt PGP-encrypted email. A few hours ago, I reported the news that security researchers from three universities in Germany and Belgium have found critical vulnerabilities in PGP and S/MIME Tools that could be exploited by attackers to read emails encrypted […]

Pierluigi Paganini May 14, 2018
Critical Flaws in PGP and S/MIME Tools – Immediately disable tools that automatically decrypt PGP-encrypted email

Researchers found critical vulnerabilities in PGP and S/MIME Tools, immediately disable and/or uninstall tools that automatically decrypt PGP-encrypted email. If you are one of the users of the email encryption tools Pretty Good Privacy and S/MIME there is an important warning for you. A group of European security expert has discovered a set of critical […]

Pierluigi Paganini September 25, 2017
Adobe accidentally leaked online its Private PGP Key

The Adobe product security incident response team (PSIRT) accidentally published a private PGP key on its blog, once discovered the issue it quickly revoked it. On Friday, the Adobe PSIRT updated its Pretty Good Privacy (PGP) key and published the new public key on the blog post. The new key should have been valid until September […]

Pierluigi Paganini March 10, 2017
Ennetcom – Dutch Police confirmed to have decrypted BlackBerry PGP messages in a criminal case

The Dutch police decrypted a number of PGP messages sent by crooks through their BlackBerry mobile devices for the criminal investigation on Ennetcom. PGP is an open source end-to-end encryption standard that can be used to sign emails, files, documents, or disk partitions. On April 2016, the Dutch Police arrested a 36-year-old man on suspicion […]

Pierluigi Paganini March 01, 2017
The Google E2EMail is now fully community-driven open source project

Google has now announced that E2EMail is no more a Google product, instead, it has become a “fully community-driven open source project.” The End-to-End crypto library is a core component of several projects of the IT giant such as the E2EMail, a Chrome app that runs independent of the normal Gmail web interface and allows non-technical users to […]

Pierluigi Paganini September 13, 2014
DNS cache poisoning attacks to steal emails are reality

CERT warns that DNS Cache Poisoning attacks could be used also to hijack email to a rogue server and not only to divert the Internet traffic. DNS attacks are very popular in hacking community, they could be run by cyber criminals and state-sponsored hackers for various purposes, including cyber espionage and financially motivated attacks. A DNS […]

Pierluigi Paganini December 22, 2012
Accessing to PGP, TrueCrypt, and BitLocker encrypted containers with a £300 tool

The news was a bolt from the blue, the confidentiality of our data is at risk, Russian company Elcomsoft has announced that its software tool Elcomsoft Forensic Disk Decryptor is able to decrypt encryption containers created with  TrueCrypt, PGP and BitLocker To Go. These software are considered the most common and reliable tools used by […]