Tuesday 15 May 2018

Detection of a loophole in Apple Mail encryption protocols that allows message theft

10:35 Unknown No comments
Detection of a loophole in Apple Mail encryption protocols that allows message theft
Detection of a loophole in Apple Mail encryption protocols that allows message theft

Even if you use an encryption-based e-mail service, this does not make you completely safe. A group of European academic researchers have discovered a gap in two of the most famous encryption protocols used by many companies, including Apple, in its service of Apple Mail.

The vulnerability allows attackers to inject malicious code into e-mail messages even though the server uses a cryptographic protocol that prevents these actions. This attack can steal the entire e-mail content of the victim.

In detail, the PGP and S / MIME protocols are affected by the gap, among the services that Apple Mail uses and the email app on iOS as well as Thunderbird and Enigmail.

Through this vulnerability, attackers can intercept certain e-mail messages, modify their content, add malicious HTML code before they reach the recipient, and when the recipient opens the e-mail, the attack starts immediately.

According to Sebastian Schinzel, professor of computer security at Münster University who is involved in the search for the vulnerability, there are currently no security updates for this vulnerability.

Source
Posted in:

0 comments:

Post a Comment

 
Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | Online Project management