{"id":11809,"date":"2018-08-14T15:40:13","date_gmt":"2018-08-14T13:40:13","guid":{"rendered":"https:\/\/www.retarus.com\/blog\/de\/?p=11809"},"modified":"2019-05-15T14:01:53","modified_gmt":"2019-05-15T12:01:53","slug":"faxploit-nicht-mit-retarus","status":"publish","type":"post","link":"https:\/\/www.retarus.com\/blog\/de\/faxploit-nicht-mit-retarus\/","title":{"rendered":"\u201eFaxploit\u201c: Nicht mit Retarus"},"content":{"rendered":"<p>Die israelische Firma Check Point Software warnt aktuell vor einer Sicherheitsl\u00fccke in faxf\u00e4higen Multifunktionsger\u00e4ten, die sich als Einfallstor ins Firmennetz missbrauchen lassen.<\/p>\n<p>Beispielhaft <a href=\"https:\/\/research.checkpoint.com\/sending-fax-back-to-the-dark-ages\/\">demonstriert haben die Check-Point-Forscher ihren Angriff<\/a> an einem \u201eOfficeJet Pro 6830\u201c von HP, der \u00fcber eine analoge Fax-Leitung am Telefonnetz hing. Beim \u201eReverse Engineering\u201c der Ger\u00e4tesoftware stie\u00dfen sie auf eine unsichere Software-Bibliothek. Diese konnten sie durch ein manipuliertes Fax \u00fcber eine klassische Hacker-Technik <a href=\"https:\/\/www.heise.de\/security\/meldung\/Totale-Kontrolle-Multifunktions-Drucker-ueber-Fax-angreifbar-4135522.html\">zum \u201e\u00dcberlaufen\u201c bringen<\/a>, um anschlie\u00dfend zwei NSA-Tools f\u00fcr Angriffe auf Firmennetze in dem Ger\u00e4t abzulegen und auszuf\u00fchren.<\/p>\n<p>Wer&nbsp;<a href=\"https:\/\/www.retarus.com\/blog\/de\/fax-ist-fuer-viele-nach-wie-vor-unverzichtbar\/\">\u00fcber die Systeme von Retarus faxt<\/a>&nbsp;und Faxe empf\u00e4ngt, kann dies seelenruhig weiter tun. Multifunktionsger\u00e4te, die an unsere Fax-Infrastruktur angebunden sind, ben\u00f6tigen keine Fax-Karte und auch keine analoge Leitung (unter anderem das macht ja gerade den Charme der <a href=\"https:\/\/www.retarus.com\/de\/services\/fax\/\">Retarus Cloud Fax Services<\/a> aus). Ein Reverse Engineering unserer softwarebasierten Fax-L\u00f6sung ist au\u00dferdem so gut wie unm\u00f6glich, da diese nicht \u00f6ffentlich zug\u00e4nglich ist. Last, but not least: beim Fax-Empfang generieren wir sowohl bei TIFF als auch bei JPEG die Header (Marker) selbst. Ein versteckter Payload w\u00fcrde gel\u00f6scht und gar nicht erst verarbeitet, somit k\u00f6nnen wir einen Faxploit-Angriff f\u00fcr den Fax-Empfang \u00fcber Retarus ausschlie\u00dfen.<\/p>\n<p>Faxploit ist also kein Grund zur Sorge &#8211; sondern einer mehr, sicher und zukunftsf\u00e4hig \u00fcber die <a href=\"https:\/\/www.retarus.com\/de\/services\/fax\/\">Retarus Cloud Fax Services<\/a> zu faxen.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Check Point warnt aktuell vor einer Sicherheitsl\u00fccke in faxf\u00e4higen Multifunktionsger\u00e4ten &#8211; ein Grund mehr, sicher und zukunftsf\u00e4hig \u00fcber die Retarus Cloud Fax Services zu faxen.<\/p>\n","protected":false},"author":14,"featured_media":10961,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","_s2mail":"","footnotes":""},"categories":[334,7,26],"tags":[3616,1013],"dipi_cpt_category":[],"class_list":["post-11809","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ref-fax","category-news","category-security","tag-cloud-fax","tag-sicherheit"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v23.6 (Yoast SEO v23.7) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>\u201eFaxploit\u201c: Nicht mit Retarus - Retarus Corporate Blog - DE<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.retarus.com\/blog\/de\/faxploit-nicht-mit-retarus\/\" \/>\n<meta property=\"og:locale\" content=\"de_DE\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u201eFaxploit\u201c: Nicht mit Retarus\" \/>\n<meta property=\"og:description\" content=\"Check Point warnt aktuell vor einer Sicherheitsl\u00fccke in faxf\u00e4higen Multifunktionsger\u00e4ten - ein Grund mehr, sicher und zukunftsf\u00e4hig \u00fcber die Retarus Cloud Fax Services zu faxen.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.retarus.com\/blog\/de\/faxploit-nicht-mit-retarus\/\" \/>\n<meta property=\"og:site_name\" content=\"Retarus Corporate Blog - DE\" \/>\n<meta property=\"article:published_time\" content=\"2018-08-14T13:40:13+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-05-15T12:01:53+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.retarus.com\/blog\/de\/wp-content\/uploads\/sites\/4\/2017\/05\/Fax_Duden.png\" \/>\n\t<meta property=\"og:image:width\" content=\"730\" \/>\n\t<meta property=\"og:image:height\" content=\"410\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Thomas Cloer\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Verfasst von\" \/>\n\t<meta name=\"twitter:data1\" content=\"Thomas Cloer\" \/>\n\t<meta name=\"twitter:label2\" content=\"Gesch\u00e4tzte Lesezeit\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 Minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.retarus.com\/blog\/de\/faxploit-nicht-mit-retarus\/\",\"url\":\"https:\/\/www.retarus.com\/blog\/de\/faxploit-nicht-mit-retarus\/\",\"name\":\"\u201eFaxploit\u201c: Nicht mit Retarus - Retarus Corporate Blog - DE\",\"isPartOf\":{\"@id\":\"https:\/\/www.retarus.com\/blog\/de\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.retarus.com\/blog\/de\/faxploit-nicht-mit-retarus\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.retarus.com\/blog\/de\/faxploit-nicht-mit-retarus\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.retarus.com\/blog\/de\/wp-content\/uploads\/sites\/4\/2017\/05\/Fax_Duden.png\",\"datePublished\":\"2018-08-14T13:40:13+00:00\",\"dateModified\":\"2019-05-15T12:01:53+00:00\",\"author\":{\"@id\":\"https:\/\/www.retarus.com\/blog\/de\/#\/schema\/person\/7f8954d8bf84d75cf384942c5f6cf2e5\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.retarus.com\/blog\/de\/faxploit-nicht-mit-retarus\/#breadcrumb\"},\"inLanguage\":\"de\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.retarus.com\/blog\/de\/faxploit-nicht-mit-retarus\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/www.retarus.com\/blog\/de\/faxploit-nicht-mit-retarus\/#primaryimage\",\"url\":\"https:\/\/www.retarus.com\/blog\/de\/wp-content\/uploads\/sites\/4\/2017\/05\/Fax_Duden.png\",\"contentUrl\":\"https:\/\/www.retarus.com\/blog\/de\/wp-content\/uploads\/sites\/4\/2017\/05\/Fax_Duden.png\",\"width\":730,\"height\":410},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.retarus.com\/blog\/de\/faxploit-nicht-mit-retarus\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.retarus.com\/blog\/de\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u201eFaxploit\u201c: Nicht mit Retarus\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.retarus.com\/blog\/de\/#website\",\"url\":\"https:\/\/www.retarus.com\/blog\/de\/\",\"name\":\"Retarus Corporate Blog - DE\",\"description\":\"Immer up-to-date\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.retarus.com\/blog\/de\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"de\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.retarus.com\/blog\/de\/#\/schema\/person\/7f8954d8bf84d75cf384942c5f6cf2e5\",\"name\":\"Thomas Cloer\",\"url\":\"https:\/\/www.retarus.com\/blog\/de\/author\/thomasc\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"\u201eFaxploit\u201c: Nicht mit Retarus - Retarus Corporate Blog - DE","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.retarus.com\/blog\/de\/faxploit-nicht-mit-retarus\/","og_locale":"de_DE","og_type":"article","og_title":"\u201eFaxploit\u201c: Nicht mit Retarus","og_description":"Check Point warnt aktuell vor einer Sicherheitsl\u00fccke in faxf\u00e4higen Multifunktionsger\u00e4ten - ein Grund mehr, sicher und zukunftsf\u00e4hig \u00fcber die Retarus Cloud Fax Services zu faxen.","og_url":"https:\/\/www.retarus.com\/blog\/de\/faxploit-nicht-mit-retarus\/","og_site_name":"Retarus Corporate Blog - DE","article_published_time":"2018-08-14T13:40:13+00:00","article_modified_time":"2019-05-15T12:01:53+00:00","og_image":[{"width":730,"height":410,"url":"https:\/\/www.retarus.com\/blog\/de\/wp-content\/uploads\/sites\/4\/2017\/05\/Fax_Duden.png","type":"image\/png"}],"author":"Thomas Cloer","twitter_card":"summary_large_image","twitter_misc":{"Verfasst von":"Thomas Cloer","Gesch\u00e4tzte Lesezeit":"1 Minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.retarus.com\/blog\/de\/faxploit-nicht-mit-retarus\/","url":"https:\/\/www.retarus.com\/blog\/de\/faxploit-nicht-mit-retarus\/","name":"\u201eFaxploit\u201c: Nicht mit Retarus - Retarus Corporate Blog - DE","isPartOf":{"@id":"https:\/\/www.retarus.com\/blog\/de\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.retarus.com\/blog\/de\/faxploit-nicht-mit-retarus\/#primaryimage"},"image":{"@id":"https:\/\/www.retarus.com\/blog\/de\/faxploit-nicht-mit-retarus\/#primaryimage"},"thumbnailUrl":"https:\/\/www.retarus.com\/blog\/de\/wp-content\/uploads\/sites\/4\/2017\/05\/Fax_Duden.png","datePublished":"2018-08-14T13:40:13+00:00","dateModified":"2019-05-15T12:01:53+00:00","author":{"@id":"https:\/\/www.retarus.com\/blog\/de\/#\/schema\/person\/7f8954d8bf84d75cf384942c5f6cf2e5"},"breadcrumb":{"@id":"https:\/\/www.retarus.com\/blog\/de\/faxploit-nicht-mit-retarus\/#breadcrumb"},"inLanguage":"de","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.retarus.com\/blog\/de\/faxploit-nicht-mit-retarus\/"]}]},{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/www.retarus.com\/blog\/de\/faxploit-nicht-mit-retarus\/#primaryimage","url":"https:\/\/www.retarus.com\/blog\/de\/wp-content\/uploads\/sites\/4\/2017\/05\/Fax_Duden.png","contentUrl":"https:\/\/www.retarus.com\/blog\/de\/wp-content\/uploads\/sites\/4\/2017\/05\/Fax_Duden.png","width":730,"height":410},{"@type":"BreadcrumbList","@id":"https:\/\/www.retarus.com\/blog\/de\/faxploit-nicht-mit-retarus\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.retarus.com\/blog\/de\/"},{"@type":"ListItem","position":2,"name":"\u201eFaxploit\u201c: Nicht mit Retarus"}]},{"@type":"WebSite","@id":"https:\/\/www.retarus.com\/blog\/de\/#website","url":"https:\/\/www.retarus.com\/blog\/de\/","name":"Retarus Corporate Blog - DE","description":"Immer up-to-date","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.retarus.com\/blog\/de\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"de"},{"@type":"Person","@id":"https:\/\/www.retarus.com\/blog\/de\/#\/schema\/person\/7f8954d8bf84d75cf384942c5f6cf2e5","name":"Thomas Cloer","url":"https:\/\/www.retarus.com\/blog\/de\/author\/thomasc\/"}]}},"_links":{"self":[{"href":"https:\/\/www.retarus.com\/blog\/de\/wp-json\/wp\/v2\/posts\/11809"}],"collection":[{"href":"https:\/\/www.retarus.com\/blog\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.retarus.com\/blog\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.retarus.com\/blog\/de\/wp-json\/wp\/v2\/users\/14"}],"replies":[{"embeddable":true,"href":"https:\/\/www.retarus.com\/blog\/de\/wp-json\/wp\/v2\/comments?post=11809"}],"version-history":[{"count":17,"href":"https:\/\/www.retarus.com\/blog\/de\/wp-json\/wp\/v2\/posts\/11809\/revisions"}],"predecessor-version":[{"id":13074,"href":"https:\/\/www.retarus.com\/blog\/de\/wp-json\/wp\/v2\/posts\/11809\/revisions\/13074"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.retarus.com\/blog\/de\/wp-json\/wp\/v2\/media\/10961"}],"wp:attachment":[{"href":"https:\/\/www.retarus.com\/blog\/de\/wp-json\/wp\/v2\/media?parent=11809"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.retarus.com\/blog\/de\/wp-json\/wp\/v2\/categories?post=11809"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.retarus.com\/blog\/de\/wp-json\/wp\/v2\/tags?post=11809"},{"taxonomy":"dipi_cpt_category","embeddable":true,"href":"https:\/\/www.retarus.com\/blog\/de\/wp-json\/wp\/v2\/dipi_cpt_category?post=11809"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}