What Is the 'EFAIL' Vulnerability and What Can I Do About It?

May 18, 2018 / by Jon Mentzell

What is efail? 

Efail is the name given by German Researchers to a potential attack against PGP or S/MIME encoded emails to take the encrypted contents and send them to a third-party actor.

How does efail work?

Efail requires an HTML encoded email to be manipulated by prepending an html image tag to the beginning of the email. This in turn forces the email client to send a request to a malicious domain looking for an image file that is the body of the encrypted email.

Read more

Differentiating Key Managers & HSMs - Who Let the Keys Out?

May 15, 2018 / by Ken Czajkowski

Along with the rest of the industry, we recently attended the RSA Conference in San Francisco. While there, many conversations about Fornetix Key Orchestration (KO) started with “You’re an HSM?” or “I already have an HSM… why do I need a key manager?”  Key managers have very clear differences from Hardware Security Modules (HSMs.)  The main differences reside in how the encryption keys can be used by a Key Manager or HSM.  There are other more important differentiators, however, let’s start with how key managers leverage open standards, like the Key Management Interoperability Protocol (KMIP), and what exactly an HSM is.

Read more

Supporting BYOK Within AWS With Fornetix Key Orchestration

May 09, 2018 / by Megan Horner

Amazon Web Services (AWS) is a secure cloud services provider that delivers compute, network, and data storage services. There are numerous benefits to migrating data storage and management to the cloud, but there are security considerations that must be addressed prior to doing so.

Read more
1
Page 0 of 1

Subscribe to Email Updates

Recent Posts