ISC StormCast for Tuesday, December 9th 2014

By Johannes Ullrich POODLE bites again; Kaspersky Security causes Insecure SSL; HP Reveals IE 0-day; Interesting Facebook File Upload Vuln.
POODLE Attack may affect some TLS implementations, not just SSLv3
https://www.imperialviolet.org/2014/12/08/poodleagain.html
Kaspersky Internet Security Software Uses SSLv3 (Article in German)
http://www.heise.de/newsticker/meldung/Kaspersky-Schutzsoftware-senkt-Sicherheit-von-SSL-Verbindungen-2482344.html
HP Reveals IE 0-Day Vulnerability ahead of Patch Tuesday
http://zerodayinitiative.com/advisories/ZDI-14-403/
Facebook File Upload Vulnerability
http://josipfranjkovic.blogspot.com/2014/12/reading-local-files-from-facebooks.html More Here