Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Cyercrime. Show all posts
Vulnerabilities and Exploits
Cyberfrauds CyberThreat Cyercrime Cyersecurity Email Phishing Vulnerabilities and Exploits

Millions of Email Servers Found Vulnerable in Encryption Analysis

 


In a new study published by ShadowServer, it was revealed that 3.3 million POP3 (Post Office Protocol) and IMAP (Internet Message Access Protocol) servers are currently at risk of network sniffing attacks because they are not encrypting their data using TLS. 

Using IMAP, users can access their emails from different devices, while keeping messages on the server. With POP3, however, the messages are downloaded to one specific device, which restricts access to that particular device, resulting in IMAP and POP3 being used to access email. Mail servers can be accessed through two different methods: POP3 and IMAP. POP3 is a way to access email through a server. 

A good reason to use IMAP is that it stores users' emails on the server and synchronizes them across all their devices. This allows them to check their inbox across multiple devices, such as laptops and phones. However, POP3 works by downloading emails from the server and making them only accessible from the device from which they were downloaded. Additionally, there is no denying that many hosting companies configure POP3 and IMAP services by default, even though most users do not use them. 

It is important to note that it is very common to have those services configured by default. To ensure that TLS is enabled, and all email users use the latest version of the protocol, the organization advised them to check with their email provider. With the latest versions of Apple, Google, Microsoft, and Mozilla email platforms, users can rest assured that their information is already protected thanks to the TLS encryption protocol. 

To securely exchange and access emails across the Internet using client/server applications, the TLS secure communication protocol helps secure users' information while exchanging and accessing. In the absence of TLS encryption, the messages' content and credentials are sent in clear text, making them susceptible to network sniffing attacks that could eavesdrop on them. In the sense of a security protocol, TLS, or Transport Layer Security, is an Internet-based security protocol used for secure web browsing as well as encrypting emails, file transfers, and messaging messages. It is used to provide end-to-end security between applications over the Internet. 

It is the role of TLS to keep hackers away from sniffing the network, encrypting users' email credentials and message contents instead of sending them as plain text, which helps to prevent hackers from sniffing the network. As an alternative to TLS encryption, it is also possible for anyone to sniff out that information without encryption. To find out 3.3 million hosts that do not support TLS, ShadowServer scanned the internet for POP3 services running on ports 110 and 995. 

As of 2006, there has been widespread use of TLS 1.1 as an improvement over TLS 1.0, which had been introduced to the market in 1999, and TLS 1.0 remained in use until this very day. Having discussed and developed 28 protocol drafts, the Internet Engineering Task Force (IETF) approved TLS 1.3, the next major version of the TLS protocol, in March of 2018, after extensive discussions and development of 28 drafts. 

Without TLS, passwords for mail access could be intercepted, and exposed services could allow a password-guessing attack on the server, and without TLS, passwords could be intercepted, and the server could suffer from password-guessing attacks. Hosts can be eavesdropping on network sniffer attacks if credentials and message content are sent in clear text without encryption. 

It is estimated that about 900,000 of these sites reside in the United States with over 500,000 being in Germany and Poland with 380,000 being in Germany. However according to the researchers, no matter whether TLS is enabled or not, service exposure could result in a password-guessing attack against the server. As part of the coordinated announcement made by Microsoft, Google, Apple, and Mozilla in October 2018 informing the public that insecure TLS 1.0 and TLS 1.1 protocols would be retired in 2020, Microsoft, Google, Apple, and Mozilla announced their intentions. As of August 2020, the latest Windows 10 Insider builds have begun using TLS 1.3 by default. 

The National Security Agency also released a guide in January 2021 detailing how outdated versions of the TLS protocol, configurations, and versions can be identified and replaced with current, secure solutions. As a ShadowServer foundation spokesperson pointed out, “regardless of whether TLS is enabled or not, service exposure may enable password guessing attacks against the server regardless of whether TLS is enabled.” 

Email users are urged to make sure that their email service provider indeed enables TLS and that their email service provider is using the current version of the protocol. Regardless of whether they are using Apple, Google, Microsoft, or Mozilla email platforms, users need not be worried since they all support TLS and use the latest versions of it.
Read more »
Subscribe to: Posts (Atom)