SMTP Smuggling - Spoofing E-Mails Worldwide
Fri 22 December 2023 / Martijn BrinkersSEC Consult Vulnerability Lab, Timo Longin discovered a novel exploitation technique for SMTP
CipherMail Gateway and Webmail Messenger are not impacted by the Log4j vulnerabilities
Sun 12 December 2021 / Martijn BrinkersFriday morning we were notified that Log4j, a popular Java logging library, contains a critical vulnerability that can result in Remote Code Execution (RCE) when a certain attacker-controlled message gets logged. As we use Log4j in CipherMail Gateway and Webmail Messenger, and the vulnerability appeared to be trivial to exploit …
HTML email is now fully supported by the PDF encryption module
Fri 03 December 2021 / Martijn BrinkersThe PDF encryption module of PDF messenger now fully supports HTML email and embedded images.
Automating CipherMail deployments
Mon 05 July 2021 / Imre JonkNo need to manually edit configuration files and copying them to all cluster nodes anymore, CipherMail is now automated!
Eating our own dog food
Thu 16 July 2020 / Imre JonkThis article will give some insight in how we use our products ourselves as a way of quality control and testimonial advertising.
CipherMail CVE-2020-12713 & CVE-2020-12714
Thu 28 May 2020 / Martijn BrinkersBackground info on CVE-2020-12713 & CVE-2020-12714
EFAIL: how to detect you are being attacked?
Tue 15 May 2018 / Martijn BrinkersEFAIL: how to detect you are being attacked?
EFAIL: which is vulnerable? PGP, S/MIME or your mail client?
Mon 14 May 2018 / Martijn BrinkersEFAIL: which is vulnerable? PGP, S/MIME or your mail client?
Will DANE for SMTP solve all of your GDPR problems?
Wed 09 May 2018 / Martijn BrinkersThe short answer: probably not. The long answer: keep reading.
Encrypted email and archiving requirements
Tue 31 January 2017 / Martijn BrinkersDesktop email encryption might be conflicting with the requirement to archive email in a readable and searchable form. Placing an email encryption gateway before the archiving system might help to fulfill both requirements.
What does it take for Johnny to start encrypting his email?
Mon 30 May 2016 / Martijn BrinkersWhy are most emails not encrypted? This might be because most email encryption products are too difficult to use. We propose that email encryption should be done at the gateway level.
Using an HSM to protect your encryption and signing keys
Mon 23 May 2016 / Martijn BrinkersA Hardware Security Module (HSM) can be used to securely store your private keys on a tamper-proof device. This is especially important when using qualified certificates.
Why leaking email addresses is a data breach
Sun 15 May 2016 / Martijn BrinkersWhy leaking email addresses is a data breach and what can be done to prevent the common cc vs bcc mistake.
Encrypted email, spam and the German law
Tue 10 May 2016 / Martijn BrinkersHow to scan incoming encrypted email for viruses and spam and still be compliant with German law.
Waarom Jan zijn e-mail niet versleutelt?
Thu 13 November 2014 / Martijn Brinkers(in Dutch) Waarom wordt e-mailversleuteling niet vaker toegepast? Hoe je ervoor kunt zorgen dat er vaker wordt versleuteld.
Encrypted email in the cloud
Fri 06 June 2014 / Martijn BrinkersIn a perfect world, email can only be read by the user the email was intended for. In the real world however, things are a bit different.