A group of European researchers posted a [warning on Twiter](https://twitter.com/seecurity/status/995906576170053633) that the PGP/GPG and S/MIME email encryption included a group of serious vulnerabilities that can reveal the content of past (encrypted) messages to the attacker.
<center>![skul1.jpg](https://steemitimages.com/DQmVCyFZ39YgbMACCN5EsqNLyzLpfpBFAk4YZjP7WSzrb3V/skul1.jpg)
*[image source](https://pixabay.com/en/ransomware-cyber-crime-security-2320793/)*</center>
With the details of the vulnerability, the researchers had previously informed the Electronic Frontier Foundation, which confirmed that it's a serious threat.

As a first step, it's recommended to disable automatic decryption of messages, that is, disabling PGP/GPG encryption in mail clients (e.g., Enigmail in the Thunderbird client, GPGTools in Apple Mail, Gpg4win in Outlook).

The authors also published a [description of the vulnerability](https://efail.de/). There are two methods. 
- The first method is direct exfiltration, where the attacker steals the contents of the encrypted message by an HTML image badge which is embedded in a properly prepared message.
-  The second method is CBC/CFB Gadget Attack. It's an attack that exploits the specificity of Cipher Block Chaining encryption. The assumption of this attack is that an attacker knows at least one full block of plain text, which is not a problem in the given case since S/MIME encrypted emails usually begin with "Content-type: multipart/signed".    

<center>![efail2.png](https://steemitimages.com/DQmY4CTPbcXMh3ELSkS18dJvQ5canHgBHNMP4P5vQcFtjvs/efail2.png)
*[image source](https://efail.de/media/smime-attack.png)*</center>

As mentioned, the short-term solution is to disable encryption in the mail client and disable the HTML viewer, and the long-term solution will require the installation of appropriate updates (when available) and an upgrade of OpenPGP and S/MIME standards.

More details:
[PSA: PGP and S/MIME email clients may leak encrypted emails](https://thenextweb.com/security/2018/05/14/psa-pgp-and-s-mime-are-broken-and-leaking-encrypted-emails-stop-using-them-right-now/)
[Attention PGP Users: New Vulnerabilities Require You To Take Action](https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now)
[Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels - full technical report](https://efail.de/efail-attack-paper.pdf)

More security news:
[Malicious Chrome Extensions Infected Thousands Of Computers](https://steemit.com/security/@seckorama/malicious-chrome-extensions-infected-thousands-of-computers)
[Master Key For Hotel Rooms](https://steemit.com/security/@seckorama/master-key-for-hotel-rooms)
[Internet Passwords Will Soon Be A History?](https://steemit.com/security/@seckorama/internet-passwords-will-soon-be-a-history)
[Does This Change Will Speed Up Your Internet?](https://steemit.com/privacy/@seckorama/does-this-change-will-speed-up-your-internet)
[5 Privacies You Didn't Know You Lost](https://steemit.com/privacy/@seckorama/5-privacies-you-didn-t-know-you-lost)
[Piracy Is Popular Like Never Before](https://steemit.com/piracy/@seckorama/piracy-is-popular-like-never-before)
[Kaspersky Lab Joins Enterprise Ethereum Alliance](https://steemit.com/security/@seckorama/kaspersky-lab-joins-enterprise-ethereum-alliance)
[Slingshot - A State-Sponsored Malware](https://steemit.com/security/@seckorama/slingshot-a-state-sponsored-malware)

<center>Enjoy the rest of the day!
![logosecko.gif](https://res.cloudinary.com/hpiynhbhq/image/upload/v1510949615/f4uqakvlsemsjuvj0lrb.gif)
@seckorama

[Take a look at my DTube Channel](https://d.tube/#!/c/seckorama)
[Check out my DSound Channel](https://dsound.audio/#/@seckorama)</center>