December 2020 - rwth-security - lists.rwth-aachen.de

Security Engineering — Third Edition
by Bernd Kohler 10 Mar '22

10 Mar '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Security Engineering — Third Edition" "... from phone phreaks to Android malware and from SIM swaps and SS7 hacking to 5G ..." VG Bernd [0] https://www.cl.cam.ac.uk/~rja14/book.html -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 1

Schweizer WhatsApp alternative «Threema» wird Open Source
by Bernd Kohler 21 Dec '20

21 Dec '20

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Schweizer WhatsApp alternative «Threema» wird Open Source" VG Bernd [0] https://techgarage.blog/schweizer-whatsapp-alternative-threema-wird-open-so… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

The Great iPwn
by Bernd Kohler 21 Dec '20

21 Dec '20

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "The Great iPwn" VG Bernd [0] https://citizenlab.ca/2020/12/the-great-ipwn-journalists-hacked-with-suspec… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Solarwinds Software an der RWTH?
by Jens Hektor 18 Dec '20

18 Dec '20

Hallo, gerüchteweise gibt es an der RWTH mindestens eine Einrichtung, die Software von Solarwinds einsetzt. Es wäre ganz nett, wenn sich die Verantwortlichen mal mit dem Computer Security Incidents Team (aka Bernd Kohler und ich) über csi(a)rwth-aachen.de melden würden, um das ganze näher zu diskutieren. Gruß, Jens Hektor

1 0

WordPress plugin with 5 million installs has a critical vulnerability
by Bernd Kohler 17 Dec '20

17 Dec '20

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "WordPress plugin with 5 million installs has a critical vulnerability" --> "... Contact Form 7 5.3.2 has been released. This is an urgent security and maintenance release ..." VG Bernd [0] https://www.bleepingcomputer.com/news/security/wordpress-plugin-with-5-mill… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Hackers are Bypassing Transport Layers and Depositing Spam via IMAP
by Bernd Kohler 17 Dec '20

17 Dec '20

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Hackers are Bypassing Transport Layers and Depositing Spam via IMAP" --> "... using a new tool called Email Appender to connect directly to compromised email accounts via IMAP ..." VG Bernd [0] https://www.vadesecure.com/en/blog/hackers-are-bypassing-transport-layers-a… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

HPE discloses critical zero-day in server management software
by Bernd Kohler 16 Dec '20

16 Dec '20

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "HPE discloses critical zero-day in server management software" VG Bernd [0] https://www.bleepingcomputer.com/news/security/hpe-discloses-critical-zero-… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Keytap2 - acoustic keyboard eavesdropping based on language n-gram frequencies
by Bernd Kohler 16 Dec '20

16 Dec '20

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Keytap2 - acoustic keyboard eavesdropping based on language n-gram frequencies" VG Bernd [0] https://github.com/ggerganov/kbd-audio/discussions/31?s=03 -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

WordPress Easy WP SMTP zero-day Vulnerability Exposes Hundreds of Thousands of Sites to Hack
by Bernd Kohler 16 Dec '20

16 Dec '20

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "WordPress Easy WP SMTP zero-day Vulnerability Exposes Hundreds of Thousands of Sites to Hack" VG Bernd [0] https://gbhackers.com/easy-wp-smtp-zero-day-vulnerability/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

How the SolarWinds Hackers Bypassed Duo’s Multi-Factor Authentication
by Bernd Kohler 16 Dec '20

16 Dec '20

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "How the SolarWinds Hackers Bypassed Duo’s Multi-Factor Authentication" VG Bernd [0] https://www.schneier.com/blog/archives/2020/12/how-the-solarwinds-hackers-b… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0