October 2022 - rwth-security - lists.rwth-aachen.de

Bypassing LDAP Channel Binding with StartTLS (Active Directory)
by Bernd Kohler 08 Jan '24

08 Jan '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Bypassing LDAP Channel Binding with StartTLS" VG Bernd [0] https://offsec.almond.consulting/bypassing-ldap-channel-binding-with-startt… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 1

Cert-EU: Hardening Signal
by Bernd Kohler 20 Sep '23

20 Sep '23

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Hardening Signal" VG Bernd [0] https://media.cert.europa.eu/static/WhitePapers/TLP-WHITE-CERT-EU_Security_… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 1

CrowdStrike Identifies New Kiss-a-Dog Cryptojacking Campaign
by Bernd Kohler 28 Oct '22

28 Oct '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "CrowdStrike Identifies New Kiss-a-Dog Cryptojacking Campaign Targeting Vulnerable Docker and Kubernetes Infrastructure" VG Bernd [0] https://www.crowdstrike.com/blog/new-kiss-a-dog-cryptojacking-campaign-targ… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

OpenSSL security fix release (1. November)
by Thomas Schneider 26 Oct '22

26 Oct '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Forthcoming OpenSSL Releases" --> "The highest severity issue fixed in this release is CRITICAL" VG Thomas [0] https://mta.openssl.org/pipermail/openssl-announce/2022-October/000238.html -- Fachschaft I/1 Mathematik/Physik/Informatik der RWTH Aachen Thomas Schneider Campus Mitte: Augustinerbach 2a, 52062 Aachen Telefon: +49 241 80 94506 Informatikzentrum: Ahornstraße 55, Raum 2014, 52074 Aachen Telefon: +49 241 80 26741 https://www.fsmpi.rwth-aachen.de

1 0

Brave New Trusted Boot World
by Bernd Kohler 26 Oct '22

26 Oct '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Brave New Trusted Boot World" --> "Central to the proposed design is the concept of a Unified Kernel Image (UKI)" --> This work is evidently the first in a series that will come out of the newly formed Linux Userspace API Group [1] VG Bernd [0] https://0pointer.de/blog/brave-new-trusted-boot-world.html [1] https://uapi-group.org/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

A Comprehensive Guide To HTTP/3 And QUIC
by Bernd Kohler 25 Oct '22

25 Oct '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "A Comprehensive Guide To HTTP/3 And QUIC" VG Bernd [0] https://www.debugbear.com/blog/http3-quic-protocol-guide -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Chrome extensions with 1 million installs hijack targets’ browsers
by Bernd Kohler 25 Oct '22

25 Oct '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Chrome extensions with 1 million installs hijack targets’ browsers" VG Bernd [0] https://www.bleepingcomputer.com/news/security/chrome-extensions-with-1-mil… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Free webinar - TLS 1.3, and how it differs from prior versions of SSL
by Bernd Kohler 24 Oct '22

24 Oct '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "TLS 1.3, and how it differs from prior versions of SSL" --> free webinar 5.10.2022 09:30 a.m. PDT (UTC -0700) VG Bernd [0] https://classes.pracnet.net/webinar/tls-1-3-and-how-it-differs/register -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

SHA-3 Buffer Overflow
by Bernd Kohler 21 Oct '22

21 Oct '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "SHA-3 Buffer Overflow" VG Bernd [0] https://mouha.be/sha-3-buffer-overflow/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Microsoft fixes Windows TLS handshake failures in out-of-band updates
by Bernd Kohler 19 Oct '22

19 Oct '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Microsoft fixes Windows TLS handshake failures in out-of-band updates" VG Bernd [0] https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-tls… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0