S/MIME artists: EFAIL email app flaws menace PGP-encrypted chats • The Register
In Summary : The vulnerability comes in two parts: an HTML exfiltration attack in which a snoop sends the target an email with specially c...
https://updatesinfosec.blogspot.com/2018/05/smime-artists-efail-email-app-flaws.html
In Summary :
The vulnerability comes in two parts: an HTML exfiltration attack in which a snoop sends the target an email with specially crafted web mark-up language. The HTML code would then trick the victim's email client into fetching a URL with the unencrypted message contained in plain text in the request. The attacker would then simply need to find the URL request in their web server logs to see the decoded message [...]
kindly refer the following link as follow up :
https://www.theregister.co.uk/2018/05/14/smime_pgp_encryption_flaw_emails_vulnerable_to_snooping/
The vulnerability comes in two parts: an HTML exfiltration attack in which a snoop sends the target an email with specially crafted web mark-up language. The HTML code would then trick the victim's email client into fetching a URL with the unencrypted message contained in plain text in the request. The attacker would then simply need to find the URL request in their web server logs to see the decoded message [...]
kindly refer the following link as follow up :
https://www.theregister.co.uk/2018/05/14/smime_pgp_encryption_flaw_emails_vulnerable_to_snooping/
