You are here: Home News & Alerts News IT-Security Notifications

IT-Security Notifications

Viruses in delivery messages / Tuesday: Java-Patch-Day / md5crypt assumed to be insecure

 

Viruses in delivery messages

Currently, there are many e-mails being sent, which have a virus infected attachment. They appear to come from "Deutsche Post AG" or "Federal Express". The following message is an indicator for such e-mails: "...Ein Fehler in der Leiferanschrift. Sie konnen Ihre Postsendung in unserer Postabteilung personlich kriegen. Anbei finden Sie einen Postetikett...". If the attachment is opened under protection of an anti-virus programme, the virus will be found and treated as such. The easiest solution is to delete such messages immediately. More information to be found here:
www.heise.de/security/meldung/Virenpost-durch-Postviren-1614043.html

 

Tuesday: Java-Patch-Day

Security gaps to be amended allow attackers to access a system online without username or password. More information to be found here:
www.heise.de/security/meldung/14-Patches-fuer-JavaSE-am-Dienstag-1614761.html

 

md5crypt assumed to be insecure

The password scrambler md5crypt from 1995, which is still used in some Linux distributions, should according to its author Poul-Henning Kamp be shut down as soon as possible. More information to be found here:
www.heise.de/security/meldung/Autor-haelt-md5crypt-nicht-mehr-fuer-sicher-1614781.html