End-of-Day report
Timeframe: Montag 15-10-2018 18:00 - Dienstag 16-10-2018 18:00
Handler: Alexander Riepl
Co-Handler: n/a
News
pEp-Foundation hat Sicherheitslücke in Enigmail/pEp geschlossen
Die pEp-Foundation hat eine Sicherheitslücke gestopft: Das Add-on Enigmail unter Windows hatte vorgeblich verschlüsselte Mails im Klartext verschickt.
http://heise.de/-4191426
Android 9 Pie: Google knüpft Backup-Verschlüsselung an gerätespezifische Passcodes
Der Zugriff auf Anwendungsdaten in Androids Cloud-Backups erfordert künftig einen Entschlüsselungskey, den selbst Google nicht kennt.
http://heise.de/-4191017
Old dog, new tricks - Analysing new RTF-based campaign distributing Agent Tesla, Loki with PyREbox
Cisco Talos has discovered a new malware campaign that drops the sophisticated information-stealing trojan called "Agent Tesla," and other malware such as the Loki information stealer. Initially, Talos telemetry systems detected a ..
https://blog.talosintelligence.com/2018/10/old-dog-new-tricks-analysing-new-rtf_15.html
Phishers are after something unusual in ploy targeting book publishers
In a new twist on the theme, the scammers have their sights set on book manuscripts, among other ..
http://feedproxy.google.com/~r/eset/blog/~3/lABhPeu59as/
Fake-Shop-Alarm auf macbooks-billiger.de
Auf macbooks-billiger.de werden Apple-Produkte, wie MacBooks, iPhones, Apple Watches und iPads zu konkurrenzlos günstigen Preisen angeboten. Wie das geht, fragen Sie? Die Antwort lautet -Betrug!-. Sie ..
https://www.watchlist-internet.at/index.php?id=71&tx_news_pi1[news]=3169&tx_news_pi1[controller]=News&tx_news_pi1[action]=detail&cHash=5cd2c26d0640a48ea4cf4488b0199b74
Removing Old Versions of TLS
In March of 2020, Firefox will disable support for TLS 1.0 and TLS 1.1. On the Internet, 20 years is an eternity. TLS 1.0 will be 20 years old in January 2019. In that time, TLS has protected ..
https://blog.mozilla.org/security/2018/10/15/removing-old-versions-of-tls/
Vulnerabilities
DSA-4319 spice - security update
https://www.debian.org/security/2018/dsa-4319
DSA-4318 moin - security update
https://www.debian.org/security/2018/dsa-4318