A computer vulnerability puts the data of large corporations at risk.
A number of vulnerabilities in the PGP / GPG and S / MIME protocols endanger encrypted emails from around the world, warns a group of German and Belgian computer researchers.
The flaw, called ‘efail’ (email + fail), is capable of exposing the content of encrypted electronic messages and affects the iOS security system.
Then the question arises, how does it work and how can your data be protected? As explained by Sebastian Schinzel, one of the researchers, “the efail uses HTML content of emails, images for example, to filter the text without formatting through the URLs requested.”
The expert stressed that “to create these filtering channels the attacker first needs access to encrypted emails, for example, intercepting network traffic, compromising accounts and email servers or backup systems.”
The fundamental advice for all users is to download a new update of ‘software’ from Apple, in addition to disable the automatic decryption of encrypted emails with PGP.
According to experts warned, hackers can take advantage of vulnerabilities in some systems such as Outlook, Apple Mail, iOS Mail or Mozilla Thunderbird and their PGP plugins (Gpg4win, GPG Tools and Enigmail) so it is necessary to stop using “in a way immediate “this type of encryption.
Computer experts also shared instructions on how to disable PGP in Thunderbird, Apple Mail and Outlook.
In addition, it is advisable to disable HTML rendering, since ‘efail’ attacks abuse active content, such as images or HTML styles. According to the experts, this is the easiest way to solve the problem.
“HTML is used as a back door to create an ‘oracle’ for modified encrypted emails,” concluded Werner Koch, one of the researchers.
In this sense, telecommunications advances providing great benefits to users, but on the other hand, hackers are always taking a step forward, they look for vulnerabilities in the systems for exploitation, this has a great nightmare to handle information and that the system gives you security, if we imagine that one of the ways is encrypting the information, but already the criminals present in the computer networks discover how to enter the emails and from there access valuable information. Therefore, even cryptocurrencies, such as bitcoin, can be in danger, because their keys can be exploited, with their consequences. Therefore, it is worth saving resources or assets in cold keys. It waits for new ads.
Disclaimer: This press release is for informational purposes information does not constitute investment advice or an offer to invest. The views expressed in this article are those of the author and do not necessarily represent the views of infocoin, and should not be attributed to, Infocoin.