Hallo zusammen,
sofern nicht selber schon gesehen/-lesen hier [0] FYI
"The Illustrated TLS Connection"
Every byte of a TLS 1.2 connection explained and reproduced.
VG
Bernd
[0]
https://tls.ulfheim.net/
--
Bernd Kohler
IT Center
Abteilung: Netze
RWTH Aachen University
Wendlingweg 10
52074 Aachen
Tel: +49 241 80-29793
Fax: +49 241 80-22666
kohler(a)itc.rwth-aachen.de
https://www.itc.rwth-aachen.de
Hallo zusammen,
sofern nicht selber schon gesehen/-lesen hier [0] bzw. [1] FYI
"In System Management Module (SMM) versions prior
to 1.06, the SMM contains weak default root credentials
which could be used to log in to the device OS -- if
the attacker manages to enable SSH or Telnet connections
via some other vulnerability."
VG
Bernd
[0]
https://cve.circl.lu/cve/CVE-2018-9083
[1]
https://cve.circl.lu/cve/CVE-2018-9083
--
Bernd Kohler
IT Center
Abteilung: Netze
RWTH Aachen University
Wendlingweg 10
52074 Aachen
Tel: +49 241 80-29793
Fax: +49 241 80-22666
kohler(a)itc.rwth-aachen.de
https://www.itc.rwth-aachen.de
Hallo zusammen,
sofern nicht selber schon gesehen/-lesen hier [0] FYI
"A Systematic Evaluation of Transient Execution Attacks and Defenses"
"Recent research on transient execution attacks including Spectre
and Meltdown ... Our systematization uncovers 7 (new) transient
execution attacks that have been overlooked and not been investigated
so far. This includes 2 new Meltdown variants ..."
VG
Bernd
[0]
https://arxiv.org/abs/1811.05441
--
Bernd Kohler
IT Center
Abteilung: Netze
RWTH Aachen University
Wendlingweg 10
52074 Aachen
Tel: +49 241 80-29793
Fax: +49 241 80-22666
kohler(a)itc.rwth-aachen.de
https://www.itc.rwth-aachen.de