All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

Privacy Vulnerabilities in Evolution Mail Expose User IP Addresses

By

zdw

10mo ago· 2 min readenNews
Bagel score 80 of 100
80/100
Golden Brown
Bagelometer

Pulled from the oven just right. Trustworthy, fact-dense, deeply satisfying.

Score80TypenewsSentimentnegative

Summary

The article discusses privacy vulnerabilities in Evolution Mail that allow senders to track users' IP addresses and DNS resolvers through bugs in DNS prefetching and link rel=preconnect.

Key quotes

· 3 pulled
This allows a sender of an email to get the open time and IP address of the receivers DNS resolver before clicking Load Remote Content
...giving the sender of an email the IP address of the end user instead of just their DNS resolver.
This is a critical privacy issue
Snippet from the RSS feed
Mike Cardwell's Tech Blog. Security, privacy, and technology

You might also wanna read

Pentagon Confirms Adversaries Using Commercial Phone Location Data to Target US Troops

The Pentagon was warned for nearly a decade that commercial location data from mobile phones could be exploited by adversaries to track US m

wired.com·1d ago

New browser-based side-channel attack uses SSD activity analysis to spy on users

Researchers have discovered a new browser-based side-channel attack that can spy on users by analyzing SSD (Solid State Drive) activity thro

arstechnica.com·1d ago

New FROST technique lets websites track visitors by analyzing SSD activity

A new tracking technique called FROST (fingerprinting remotely using OPFS-based SSD timing) allows websites to spy on visitors by analyzing

23.social·4d ago

Trump Mobile investigates data leak exposing customer names and contact details

A potential security flaw on Trump Mobile's website may have exposed personal information (names, emails, addresses, phone numbers) of thous

independent.co.uk·4d ago

Third-party UK Visa Portal exposed 100,000+ applicants' passports and selfies online

A third-party website called UK Visa Portal, which is not affiliated with the U.K. government, has been publicly exposing the passports and

techcrunch.com·4d ago

Researchers Demonstrate How Inaudible Audio Commands in Podcasts and Videos Can Hijack AI Voice Assistants

Researchers have demonstrated a new cybersecurity threat where hackers can embed inaudible sounds into podcasts, YouTube videos, or other au

futurism.com·5d ago