End-of-Shift report
Timeframe: Mittwoch 10-10-2012 18:00 − Donnerstag 11-10-2012 18:00
Handler: Matthias Fraidl
Co-Handler: Stephan Richter
Expenditure Report Reveals Germany Monitors Skype, Google Mail, Facebook Chat
hypnosec writes "The German Government has gone a bit too far trying to be transparent, inadvertently revealing that German police monitor Skype, Google Mail, MSN Hotmail, Yahoo Mail, and Facebook chat when necessary. The revelations, spotted by the annalist blog, come from a report of expenses incurred by the Federal Ministry of the Interior following a parliamentary inquiry. The report contains lots of tables and as many would find those boring, some highlights: On page 34 and page 37 of...
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/J2HxG9I5vdo/expenditure-report-reveals-germany-monitors-skype-google-mail-facebook-chat
Microsoft addresses critical Word flaws, new RSA key length
"Microsoft will begin requiring digital certificates to support an RSA key length of at least 1024 bits today, in accordance with a security advisory being pushed through Windows Update. The new requirement, which Microsoft has been preparing customers for since August, was part of the software companys October 2012 Patch Tuesday security updates. Microsoft also addressed an issue with signature timestamps on valid files and released seven bulletins covering 20 vulnerabilities in Microsoft...
http://searchsecurity.techtarget.com/news/2240164725/Microsoft-addresses-critical-Word-flaws-new-RSA-key-length?asrc=EM_NLN_19090307&track=NL-102&ad=882246&
US and EU Clash Over Whois Data
itwbennett writes "ICANN wants to store more data (including credit card information) about domain name registrations in its Whois database, wants to hold on to that data for two years after registration ends, and wants to force registrant contact information to be re-verified annually - moves that are applauded by David Vladeck, director of the FTCs Bureau of Consumer Protection. The E.U.s Article 29 Working Group is markedly less enthusiastic, saying ICANNs plans trample on...
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/6xJedYC9pQU/us-and-eu-clash-over-whois-data
Sicherheitslücke in Firefox 16
Eine Sicherheitslücke in Firefox 16 hat Mozilla in Alarmbereitschaft versetzt. Als Reaktion wurde Firefox 16 von der Mozilla Homepage entfernt und steht nicht mehr zur Installation zur Verfügung.
http://www.heise.de/security/meldung/Sicherheitsluecke-in-Firefox-16-1727390.html/from/atom10
PGP founders mobile privacy app goes live
Zimmerman & Navy SEAL pals unveil safe comms, at $20 a month Updated Silent Circle, the secure mobile communications app backed by Phil Zimmerman, has gone live - offering protection from all but the most determined of government departments.
http://go.theregister.com/feed/www.theregister.co.uk/2012/10/10/secure_circle/
Neue IPv6-Tools von "The Hackers Choice"
Die Hackergruppe "The Hackers Choice" hat das THC IPv6 Attack Toolkit für die Version 2.0 deutlich erweitert. Im Mittelpunkt der Tools steht nicht nur das Sammeln von Informationen über andere IPv6-Hosts, sondern auch über gezielte Angriffe, etwa um Pakete über sich umzuleiten und in eine Position als Man-in-the-Middle zu gelangen.
http://www.heise.de/security/meldung/Neue-IPv6-Tools-von-The-Hackers-Choice-1727676.html/from/atom10
Facebook Confirms Data Breach
another random user writes "A researcher by the name of Suriya Prakash has claimed that the majority of phone numbers on Facebook are not safe. Its not clear where he got his numbers from (he says 98 percent, while another time he says 500 million out of Facebooks 600 million mobile users), but his demonstration certainly showed he could collect countless phone numbers and their corresponding Facebook names with very little effort. Facebook has confirmed that it limited the Prakashs
http://rss.slashdot.org/~r/Slashdot/slashdot/~3/-ZGiVNpxow8/facebook-confirms-data-breach
Bugtraq: Multiple vulnerabilities in OpenX
Multiple vulnerabilities in OpenX
http://www.securityfocus.com/archive/1/524372