ProtonMail forced to log user’s IP address after an order from Swiss authorities

Following the incident the company has updated its website and privacy policy to clarify its legal obligations to its userbase. ProtonMail a Swiss-based secure email provider has been at the center of some controversy after it was forced to share the IP address of one of its clients, a climate activist, with law enforcement agencies … More ProtonMail forced to log user’s IP address after an order from Swiss authorities

Critical bug found in popular mail server software

If exploited, the security hole in Exim could allow attackers to run arbitrary commands on vulnerable mail servers. Exim, the popular mail transfer agent (MTA) software, contains a critical-rated vulnerability that can, in some scenarios, enable remote attackers to run commands of their choice on unpatched mail servers, researchers from Qualys have found. Tracked under CVE-2019-10149, the remote … More Critical bug found in popular mail server software

Hook, line, and sinker: How to avoid looking ‘phish-y’

Top tips to help you avoid being caught receiving or sending phishing-looking emails. If you’re a regular reader of this blog, I suspect you live in a state of perpetual vigilance against targeted attacks such as phishing messages. You know that urgent sounding messages from sender addresses that don’t look right, especially if they include … More Hook, line, and sinker: How to avoid looking ‘phish-y’

Researchers reveal flaws that may expose encrypted emails to prying eyes

A team of academics says that, if exploited, the vulnerabilities can reveal the plain text of encrypted emails, including those sent years ago. The widely-used OpenPGP and S/MIME email encryption protocols suffer from weaknesses that may ultimately expose the plain text of encrypted messages to attackers, according to a team of eight academics from German and Belgian universities, who … More Researchers reveal flaws that may expose encrypted emails to prying eyes

MailChimp accounts hacked to spam out malicious emails

Let me start with some full disclosure: I pay MailChimp a decent wedge of cash each month to send out newsletters to readers of my personal blog, and I’m quite a fan. Sending email to a large number of people reliably can be fraught with problems, and I would rather spend my time creating useful … More MailChimp accounts hacked to spam out malicious emails