Get a Pentest and security assessment of your IT network.

Cyber Security

Public Certificate Poisoning Can Break Some OpenPGP Implementations

A certificate spamming attack was discovered in the last week of June against two high-profile contributors in the OpenPGP community involved in the GnuPG (GNU Privacy Guard or GPG) project. The attack impacts to various degrees the encryption protocol implementations for encryption for signing packages and for JavaScript, causing them to slow their operations or even break them. An attacker can add as many as 150,000 signatures for a certificate in the keyserver network – the maximum it can handle. The number of deliberately poisoned certificates will only rise over time.

Source: https://www.bleepingcomputer.com/news/security/public-certificate-poisoning-can-break-some-openpgp-implementations/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation