Sydney Morning Herald

When PGP signatures can be misleading

Add articles to your saved list and come back to them any time. The trust that PGP signatures generates can be deceptive, one researcher, a regular poster to the full-disclosure vulnerability mailing ...
Hackaday

This Week In Security: Backdoors In Cisco Switches, PGP Spoofing In Emails, Git Ransomware

Some switches in Cisco’s 9000 series are susceptible to a remote vulnerability, numbered CVE-2019-1804 . It’s a bit odd to call it a vulnerability, actually, because the software is operating as ...
ZDNet

PGP security weakness exposed

How do you know someone is really who they say they are? In developer and security circles, you do it with Pretty Good Privacy (PGP) keys. Or, you used to anyway. If ...
MyBroadband

Security flaw let attackers forge PGP signatures

Security researcher Marcus Brinkmann has discovered a security flaw in GnuPG which potentially allowed attackers to spoof the digital signatures of nearly any person with a public key, Ars Technica ...
Ars Technica

Decades-old PGP bug allowed hackers to spoof just about anyone’s signature

Maybe it is time to admit that all those open source eyeballs are no better than eyeballs looking at closed source with a decompiler. The time this existed for is shocking. I wonder if there has been ...