A team of information security experts released a warning about a group of vulnerabilities that affect users of PGP and S / MIME. EFF kept in communication with the research group and can confirm that the vulnerabilities present an immediate risk for the users of these tools in the communication by email.
The details will be published in a document on Tuesday at 07:00 a.m. UTC This is in order to reduce the risk in the short term, professionals have decided to warn the community of PGP users in general before its full publication.
The information security professionals recommended deactivating and / or uninstalling the tools that automatically decrypt the email encrypted with PGP. This until the defects are understood and solved, users must organize the use of alternative secure channels end-to-end, and temporarily stop sending, in addition to reading the email encrypted by PGP.
You should think of these steps as a temporary measure until the immediate risk has passed and been mitigated by the community in general.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.