Category: IT|Jan 5, 2025 | Author: Admin

Over 3 million mail servers without encryption exposed to sniffing attacks


IMAP and POP3 are two methods for accessing email on mail servers. IMAP is recommended for checking email from multiple devices, such as phones and laptops, because it keeps messages on the server and synchronizes them between devices. POP3, on the other hand, downloads emails from the server, making them accessible only from the device where they were downloaded.

It should also be noted that many hosting companies configure POP3 or IMAP services by default, even if no users use them.

 

The TLS secure communication protocol helps protect users' information while they exchange and access email over the Internet through client/server applications. However, when TLS encryption is not enabled, message contents and credentials are sent in clear text, exposing them to eavesdropping through network sniffing attacks.

As scans from the security threat monitoring platform Shadowserver show, around 3.3 million hosts are running POP3/IMAP services without TLS encryption enabled, exposing usernames and passwords in plain text when they are transmitted over the Internet.

Shadowserver is now notifying mail server operators that their POP3/IMAP servers do not have TLS enabled, exposing users' unencrypted usernames and passwords to sniffing attacks.

"This means that passwords used for mail access may be intercepted by a network sniffer. Additionally, service exposure may enable password-guessing attacks against the server," Shadowserver said.

 

"If you receive this report from us, please enable TLS support for IMAP as well as consider whether the service needs to be enabled at all or moved behind a VPN."
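For operators acting on such a report, the following added example (not code from the article or from Shadowserver) classifies what a cleartext IMAP or POP3 listener advertises before any TLS upgrade, using the standard `STARTTLS`/`LOGINDISABLED` (RFC 3501) and `STLS`/`USER`/`SASL` (RFC 2449, RFC 2595) capabilities. The function names and sample responses are constructed for illustration.

```python
import imaplib

# Verdicts for what a cleartext listener (IMAP 143 / POP3 110) advertises.
NO_TLS = "no TLS offered"
OPTIONAL_TLS = "TLS offered, plaintext login still accepted"
TLS_ENFORCED = "plaintext login refused until TLS"
PLAIN_MECHS = {"PLAIN", "LOGIN"}  # SASL mechanisms that send the password as-is


def audit_imap(capability_line):
    """Classify an IMAP CAPABILITY line (RFC 3501) seen before any TLS upgrade."""
    text = capability_line.upper()
    start = text.find("CAPABILITY")
    if start < 0:
        raise ValueError("not a CAPABILITY response")
    # Handles '* CAPABILITY ...' and the '* OK [CAPABILITY ...] text' greeting.
    caps = set(text[start:].split("]")[0].split()[1:])
    if "STARTTLS" not in caps:
        return NO_TLS
    plain_sasl = any("AUTH=" + m in caps for m in PLAIN_MECHS)
    if "LOGINDISABLED" in caps and not plain_sasl:
        return TLS_ENFORCED
    return OPTIONAL_TLS


def audit_pop3(capa_lines):
    """Classify the lines of a POP3 CAPA response (RFC 2449) seen before STLS."""
    caps = {}
    for line in capa_lines:
        words = line.upper().split()
        if words and words[0] not in ("+OK", "."):
            caps[words[0]] = set(words[1:])
    if "STLS" not in caps:
        return NO_TLS
    plaintext = "USER" in caps or bool(caps.get("SASL", set()) & PLAIN_MECHS)
    return OPTIONAL_TLS if plaintext else TLS_ENFORCED


def probe_own_imap(host, port=143, timeout=10.0):
    """Read the pre-TLS capabilities of a server you operate (Python 3.9+)."""
    conn = imaplib.IMAP4(host, port, timeout=timeout)
    try:
        return audit_imap("* CAPABILITY " + " ".join(conn.capabilities))
    finally:
        conn.logout()


# Constructed sample responses, not captured from any real server.
SAMPLE_IMAP = "* OK [CAPABILITY IMAP4rev1 STARTTLS AUTH=PLAIN] ready"
SAMPLE_POP3 = ["+OK Capability list follows", "TOP", "UIDL", "USER", "."]
```

Only the `TLS_ENFORCED` verdict means a client cannot send its password in clear text on that port; the implicit-TLS ports 993 and 995 are outside what this check covers.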

 

The original TLS 1.0 specification and its successor, TLS 1.1, have been used for nearly two decades, with TLS 1.0 being introduced in 1999 and TLS 1.1 in 2006. After extensive discussions and the development of 28 protocol drafts, the Internet Engineering Task Force (IETF) approved TLS 1.3, the next major version of the TLS protocol, in March 2018.

In a coordinated announcement in October 2018, Microsoft, Google, Apple, and Mozilla said they would retire the insecure TLS 1.0 and TLS 1.1 protocols in the first half of 2020. Microsoft began enabling TLS 1.3 by default in the latest Windows 10 Insider builds starting in August 2020.

 

In January 2021, the NSA also provided guidance on identifying and replacing outdated TLS protocol versions and configurations with modern, secure alternatives.

 

"Obsolete configurations provide adversaries access to sensitive operational traffic using a variety of techniques, such as passive decryption and modification of traffic through man-in-the-middle attacks," the NSA said.

 

"Attackers can exploit outdated transport layer security (TLS) protocol configurations to gain access to sensitive data with very few skills required."
