WebsiteGear Logo Log In
New User? Sign Up
About | Contact | FAQ
  Home News Technology Internet Security Sunday, May 27, 2018 
Add Press Release News | News Feeds Feeds | Email This News Email


Cloud security experts at Hornetsecurity dispute headlines questioning email encryption standards
Wednesday, May 16, 2018

Cloud security experts at Hornetsecurity dispute headlines questioning email encryption standards

PITTSBURGH, May 16, 2018 /PRNewswire/ -- Hornetsecurity, a German-based cloud security solutions company that recently opened its first United States base of operations in Pittsburgh, vehemently disagrees with a recent study that calls into question the security of PGP and S/MIME encryption standards widely used by businesses for their corporate email communications.

On May 14, researchers from M√ľnster University of Applied Sciences (Germany), Ruhr University Bochum (Germany) and Leuven University (Belgium) published a paper that questioned the safety of common encryption standards, creating a worldwide panic within the technology community.

The recent attacks, commonly referred to as eFail, are technically complex and require several steps. However, as Hornetsecurity experts point out, the vulnerabilities discovered do not impact the security protocols themselves but use already known weaknesses in recipients' email clients to make them decrypt an encrypted email and deliver it to the attacker, thereby bypassing encryption protocols.

To get access to the content of an intercepted encrypted email, one of the attacks works by building a new email consisting of a corrupted HTML part, followed by the encrypted content. The recipient's email client is then tricked by the corrupted HTML part to decrypt the encrypted message and send the decrypted message back to the attacker.

"This kind of unsubstantiated exaggeration doesn't help the cause of increasing the wider use of encryption and providing better overall security," Hornetsecurity CEO Oliver Dehning said. "Individuals and institutions that claim to want to improve IT security have done a disservice in this case by creating hysteria in numerous misleading articles and in other unsubstantiated headlines related to eFail."

Emails encrypted by Hornetsecurity are protected against attacks of this kind because Hornetsecurity does not allow the different content types (multipart/mixed) required for an attack. In addition, the Hornetsecurity Encryption Service does not require any client plug-ins. Encryption and decryption are fully automated by Hornetsecurity in the cloud - no installation, maintenance or user interaction is required. To further improve security of its clients who are not using Hornetsecurity Encryption Service, Hornetsecurity has included a new filter into its Spam Filter service that recognizes and puts into quarantine emails exploiting eFail by scanning for suspicious HTML manipulations.

About Hornetsecurity
Hornetsecurity has been focused on cloud computing since 2007, when the company was founded by Oliver Dehning and Daniel Hofmann in Hannover, Germany, where it maintains its global headquarters. Today, Hornetsecurity has grown to more than 100 employees, offering comprehensive security solutions in the fields of email security, web security and data storage to more than 30,000 business customers around the world. In 2017, Hornetsecurity opened a United States base of operations in Pittsburgh.

More information can be found at http://www.hornetsecurity.com and www.hornetdrive.com.

CONTACT: Jeremy Church, WordWrite Communications, 412-246-0340, Jeremy.church@wordwritepr.com

View original content:http://www.prnewswire.com/news-releases/cloud-security-experts-at-hornetsecurity-dispute-headlines-questioning-email-encryption-standards-300649824.html

SOURCE Hornetsecurity



Email This News Email | Submit To Slashdot Slashdot | Submit To Digg.com Digg | Submit To del.icio.us Del.icio.us | News Feeds Feeds

RELATED NEWS ARTICLES
Nav Predictive & Prescriptive Analytics: Global Market Forecasts 2018-2023 with Analysis by End-User and Geography | May 25, 2018
Nav How To Prevent Winter Conditions Damage Your Car | May 25, 2018
Nav iovation Introduces New Capabilities to its Fraud Prevention Solution | May 24, 2018
Nav Brands that are Most Trusted in the United States revealed across 115 consumer categories | May 23, 2018
Nav Home Health Hub Market - Global Forecast to 2023 | May 18, 2018
Nav The Humanized Internet Wins Business Worldwide Magazine Award for its Outstanding Commitment to Online Ethics and Security | May 16, 2018
Nav The Big Cyber Attack is Coming 85% of IT Security Pros Tell Pwnie Express | May 16, 2018
Nav 'America First - The MAGA Manifesto' is Released | May 15, 2018
Nav Minerva Labs and BlueVoyant Team Up To Contain Evasive Cyberattack | May 15, 2018
Nav Employees Use Personal Devices to Access Company Email and Shared Documents, Often Without Oversight | May 15, 2018
NEWS SEARCH

FEATURED NEWS | POPULAR NEWS
Submit News | View More News View More News