Friday morning we were notified that Log4j, a popular Java logging library, contains a critical vulnerability that can result in Remote Code Execution (RCE) when a certain attacker-controlled message gets logged. As we use Log4j in CipherMail Gateway and Webmail Messenger, and the vulnerability appeared to be trivial to exploit …
The PDF encryption module of PDF messenger now fully supports HTML email and embedded images.
No need to manually edit configuration files and copying them to all cluster nodes anymore, CipherMail is now automated!
This article will give some insight in how we use our products ourselves as a way of quality control and testimonial advertising.
Background info on CVE-2020-12713 & CVE-2020-12714
EFAIL: detection and prevention
EFAIL: how to detect you are being attacked?
EFAIL: which is vulnerable? PGP, S/MIME or your mail client?
The short answer: probably not. The long answer: keep reading.
Desktop email encryption might be conflicting with the requirement to archive email in a readable and searchable form. Placing an email encryption gateway before the archiving system might help to fulfill both requirements.
Why are most emails not encrypted? This might be because most email encryption products are too difficult to use. We propose that email encryption should be done at the gateway level.
A Hardware Security Module (HSM) can be used to securely store your private keys on a tamper-proof device. This is especially important when using qualified certificates.
Why leaking email addresses is a data breach and what can be done to prevent the common cc vs bcc mistake.
How to scan incoming encrypted email for viruses and spam and still be compliant with German law.
(in Dutch) Waarom wordt e-mailversleuteling niet vaker toegepast? Hoe je ervoor kunt zorgen dat er vaker wordt versleuteld.
In a perfect world, email can only be read by the user the email was intended for. In the real world however, things are a bit different.