Tageszusammenfassung - Donnerstag 11-10-2012

End-of-Shift report

Timeframe: Mittwoch 10-10-2012 18:00 − Donnerstag 11-10-2012 18:00 Handler: Matthias Fraidl Co-Handler: Stephan Richter

Expenditure Report Reveals Germany Monitors Skype, Google Mail, Facebook Chat

hypnosec writes "The German Government has gone a bit too far trying to be transparent, inadvertently revealing that German police monitor Skype, Google Mail, MSN Hotmail, Yahoo Mail, and Facebook chat when necessary. The revelations, spotted by the annalist blog, come from a report of expenses incurred by the Federal Ministry of the Interior following a parliamentary inquiry. The report contains lots of tables and as many would find those boring, some highlights: On page 34 and page 37 of...


Microsoft addresses critical Word flaws, new RSA key length

"Microsoft will begin requiring digital certificates to support an RSA key length of at least 1024 bits today, in accordance with a security advisory being pushed through Windows Update. The new requirement, which Microsoft has been preparing customers for since August, was part of the software companys October 2012 Patch Tuesday security updates. Microsoft also addressed an issue with signature timestamps on valid files and released seven bulletins covering 20 vulnerabilities in Microsoft...


US and EU Clash Over Whois Data

itwbennett writes "ICANN wants to store more data (including credit card information) about domain name registrations in its Whois database, wants to hold on to that data for two years after registration ends, and wants to force registrant contact information to be re-verified annually - moves that are applauded by David Vladeck, director of the FTCs Bureau of Consumer Protection. The E.U.s Article 29 Working Group is markedly less enthusiastic, saying ICANNs plans trample on...


Sicherheitslücke in Firefox 16

Eine Sicherheitslücke in Firefox 16 hat Mozilla in Alarmbereitschaft versetzt. Als Reaktion wurde Firefox 16 von der Mozilla Homepage entfernt und steht nicht mehr zur Installation zur Verfügung.


PGP founders mobile privacy app goes live

Zimmerman & Navy SEAL pals unveil safe comms, at $20 a month Updated Silent Circle, the secure mobile communications app backed by Phil Zimmerman, has gone live - offering protection from all but the most determined of government departments.


Neue IPv6-Tools von "The Hackers Choice"

Die Hackergruppe "The Hackers Choice" hat das THC IPv6 Attack Toolkit für die Version 2.0 deutlich erweitert. Im Mittelpunkt der Tools steht nicht nur das Sammeln von Informationen über andere IPv6-Hosts, sondern auch über gezielte Angriffe, etwa um Pakete über sich umzuleiten und in eine Position als Man-in-the-Middle zu gelangen.


Facebook Confirms Data Breach

another random user writes "A researcher by the name of Suriya Prakash has claimed that the majority of phone numbers on Facebook are not safe. Its not clear where he got his numbers from (he says 98 percent, while another time he says 500 million out of Facebooks 600 million mobile users), but his demonstration certainly showed he could collect countless phone numbers and their corresponding Facebook names with very little effort. Facebook has confirmed that it limited the Prakashs


Bugtraq: Multiple vulnerabilities in OpenX

Multiple vulnerabilities in OpenX