Presseartikel

It’s time you were T0RTT a les­son: Here’s how you could build a bet­ter Tor

• https://www.theregister.co.uk/2019/12/12/tortt_research_paper/

Si­cher­heits­lü­cken im In­ter­net­pro­to­koll „IPsec“ iden­ti­fi­ziert.

• https://www.focus.de/regional/bochum/ruhr-universitaet-bochum-informationstechnologie_id_9413666.html

Cisco Patches Its Ope­ra­ting Sys­tems Against New IKE Cryp­to At­tack

• https://www.bleepingcomputer.com/news/security/cisco-patches-its-operating-systems-against-new-ike-crypto-attack/

Cisco patches IOS in re­s­pon­se to boff­ins‘ IKE-bus­ting bre­ak­th­rough

• https://www.theregister.co.uk/2018/08/14/cisco_patches_ios/

Cisco patches rou­ter OS against new cryp­to at­tack on busi­ness VPNs

• https://www.zdnet.com/article/cisco-patches-router-os-against-new-crypto-attack-on-business-vpns/

Cryp­to Flaw Af­fects Pro­ducts From Cisco, Hua­wei, ZyXEL

• https://www.securityweek.com/crypto-flaw-affects-products-cisco-huawei-zyxel

This At­tack Has Been Around for 20 Years — And It’s Back Again With The Blei­chen­ba­cher Ora­cle At­tack on VPNs

• https://medium.com/asecuritysite-when-bob-met-alice/this-attack-has-been-around-for-20-years-and-its-back-again-with-the-bleichenbacher-oracle-a585c34c9890

PGP und S/MIME ab­schal­ten

• https://www.golem.de/news/e-mail-verschluesselung-pgp-und-s-mime-abschalten-1805-134359.html

At­ten­ti­on PGP Users: New Vul­nerabi­li­ties Re­qui­re You To Take Ac­tion Now

• https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now

Cri­ti­cal PGP and S/MIME bugs can re­veal en­cryp­ted e-mails. Un­in­stall now

• https://arstechnica.com/information-technology/2018/05/critical-pgp-and-smime-bugs-can-reveal-encrypted-e-mails-uninstall-now/

Gra­vie­ren­de Schwach­stel­len in E-Mail-Ver­schlüs­se­lung

• http://www.sueddeutsche.de/news/service/internet-gravierende-schwachstellen-in-e-mail-verschluesselung-dpa.urn-newsml-dpa-com-20090101-180514-99-298077

The Re­gis­ter: F5 DROW­Ning, not wa­ving, in cryp­to fail

• https://www.theregister.co.uk/2017/11/20/f5_crypto_weakness/

Golem.de: RO­BOT-An­griff – 19 Jahre alter An­griff auf TLS funk­tio­niert immer noch

• https://www.golem.de/news/robot-angriff-19-jahre-alter-angriff-auf-tls-funktioniert-immer-noch-1712-131607.html

For­bes: ‚ROBOT At­tack‘ Ex­po­sed Face­book With 19-Ye­ar-Old Bug — Mas­si­ve Web­sites Still Vul­nerable

• https://www.forbes.com/sites/thomasbrewster/2017/12/12/robot-hack-exploits-encryption-weaknesses-in-major-websites-facebook-patches/

Ars Tech­ni­ca: 1998 at­tack that mes­ses with sites’ secret cryp­to keys is back in a big way

• https://arstechnica.com/information-technology/2017/12/a-worrying-number-of-sites-remain-open-to-major-crypto-flaw-from-1998/

The Ha­cker News: ROBOT At­tack: 19-Ye­ar-Old Blei­chen­ba­cher At­tack On En­cryp­ted Web Reintro­du­ced

• https://thehackernews.com/2017/12/bleichenbacher-robot-rsa.html

The Re­gis­ter: I, Robot? Ai­i­iee, ROBOT! RSA TLS cryp­to at­tack pwns Face­book, Pay­Pal, 27 of 100 top do­mains

• https://www.theregister.co.uk/2017/12/13/robot_tls_rsa_flaw/

Se­cu­ri­ty Af­fairs: ROBOT At­tack: RSA TLS cryp­to at­tack wor­ked against Face­book, Pay­Pal, and tens of 100 top do­mains

• https://securityaffairs.co/wordpress/66682/hacking/robot-attack.html

Bleeping Com­pu­ter: Va­ria­ti­on of 19-Ye­ar-Old Cryp­to­gra­phic At­tack Af­fects Face­book, Pay­Pal, Others

• https://www.bleepingcomputer.com/news/security/variation-of-19-year-old-cryptographic-attack-affects-facebook-paypal-others/

Threat­Post: 19-Ye­ar-Old TLS Vul­nerabi­li­ty Wea­kens Mo­dern Web­site Cryp­to

• https://threatpost.com/19-year-old-tls-vulnerability-weakens-modern-website-crypto/129158/

SC Ma­ga­zi­ne: TLS ex­ploit ‚ROBOT‘ ca­pi­ta­li­zes on 19-ye­ar-old vul­nerabi­li­ty; ven­dors issue patch

• https://www.scmagazine.com/tls-exploit-robot-capitalizes-on-19-year-old-vulnerability-vendors-issue-patch/article/718417/

heise: RO­BOT-At­ta­cke: TLS-An­griff von 1998 funk­tio­niert immer noch

• https://www.heise.de/security/meldung/ROBOT-Attacke-TLS-Angriff-von-1998-funktioniert-immer-noch-3916994.html

digi.no: Gam­mel kryptosårbar­het er til­ba­ke. Face­book blant

• https://www.digi.no/artikler/gammel-kryptosarbarhet-er-tilbake-facebook-blant-de-berorte/414352

We don’t want to alarm you, but Post­Script makes your prin­ter an at­tack vec­tor

• https://www.theregister.co.uk/2017/01/31/postscript_bug/

Flaws in po­pu­lar prin­ters can let ha­ckers ea­si­ly steal prin­ted do­cu­ments

• https://www.zdnet.com/article/flaws-in-popular-printers-can-let-hackers-easily-steal-printed-documents/

Your Prin­ter Can Steal and De­face Your Do­cu­ments

• https://www.pcmag.com/news/355256/your-printer-can-steal-and-deface-your-documents

New Re­port De­tails Scary Vul­nerabi­li­ties In Po­pu­lar Prin­ters

• https://www.gizmodo.com.au/2017/02/new-report-details-scary-vulnerabilities-in-popular-printers/

For­scher: Si­cher­heits­lü­cken in Netz­werk­dru­ckern er­lau­ben Da­ten­dieb­stahl

• https://www.zdnet.de/88287209/forscher-sicherheitsluecken-in-netzwerkdruckern-erlauben-datendiebstahl/

Stel­len Sie so­fort das Dru­cken ein! Schock-Nach­richt von deut­schen For­schern

• https://www.chip.de/news/Forscher-warnen-vor-Sicherheitsluecken-bei-diesen-meistverkauften-Druckern_108536634.html

WHATS­APP SE­CU­RI­TY FLAWS COULD ALLOW SNO­OPS TO SLIDE INTO GROUP CHATS

• https://www.wired.com/story/whatsapp-security-flaws-encryption-group-chats/

Schwach­stel­le in Ver­schlüs­se­lung von Grup­pen­chats

• http://www.spiegel.de/netzwelt/apps/whatsapp-gruppenchats-schwachstelle-im-verschluesselungs-protokoll-a-1187338.html

Whats­App und Si­gnal: For­scher be­schrei­ben Schwä­chen ver­schlüs­sel­ter Grup­pen­chats

• https://www.heise.de/security/meldung/WhatsApp-und-Signal-Forscher-beschreiben-Schwaechen-verschluesselter-Gruppenchats-3942046.html

Wie Frem­de sich in Whats­app-Grup­pen­chats ein­la­den kön­nen

• http://www.sueddeutsche.de/digital/it-sicherheit-wie-fremde-sich-in-whatsapp-gruppenchats-einladen-koennen-1.3821656

Whats­App ‚bug‘ rai­ses ques­ti­ons over group mes­sa­ge pri­va­cy

• https://www.telegraph.co.uk/technology/2018/01/10/whatsapp-bug-raises-questions-group-message-privacy/

Whats­App ‚bug‘ rai­ses ques­ti­ons over group mes­sa­ge pri­va­cy

• https://www.handelsblatt.com/technik/it-internet/verschluesselung-umgangen-forscher-finden-sicherheitsluecke-bei-whatsapp/20836518.html?ticket=ST-951729-iPg5StKfXoWGE4xdDEKk-ap4

For­scher war­nen vor weit ver­brei­te­ter HTTPS-Si­cher­heits­lü­cke

• http://www.spiegel.de/netzwelt/web/drownattack-forscher-warnen-vor-weit-verbreiteter-https-sicherheitsluecke-a-1080130.html

Ein Drit­tel der HTTPS-Ser­ver an­greif­bar

• https://www.golem.de/news/bleichenbacher-angriff-drown-entschluesselt-mit-uraltem-ssl-protokoll-1603-119457.html

Au­di­tors find en­cryp­ted chat cli­ent Text­Se­cu­re is se­cu­re

• https://www.theregister.co.uk/2014/11/03/how_secure_is_textsecure_pretty_well_secure/