June 2022 - rwth-security - lists.rwth-aachen.de

Hertzbleed Attack
by Bernd Kohler 14 Jun '22

14 Jun '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Hertzbleed Attack" "... new family of side-channel attacks ... worst case, these attacks can allow an attacker to extract cryptographic keys from remote servers ..." VG Bernd [0] https://www.hertzbleed.com/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

MIT-Forscher:innen finden nicht patchbare Hardware-Sicherheitslücke in Apples M1-Chip
by Bernd Kohler 14 Jun '22

14 Jun '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "MIT-Forscher:innen finden nicht patchbare Hardware-Sicherheitslücke in Apples M1-Chip" VG Bernd [0] https://t3n.de/news/mit-m1-apple-chip-hardware-sicherheitsluecke-1478885/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Extracting Clear-Text Credentials Directly From Chromium’s Memory
by Bernd Kohler 09 Jun '22

09 Jun '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Extracting Clear-Text Credentials Directly From Chromium’s Memory" VG Bernd [0] https://www.cyberark.com/resources/threat-research-blog/extracting-clear-te… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Password Cracking 101 + 1
by Bernd Kohler 07 Jun '22

07 Jun '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Password Cracking 101 + 1" --> " FREE! Training videos + VM download below" --> start 08.06.2022 VG Bernd [0] https://in.security/technical-training/password-cracking/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Analyzing CVE-2022-0778: When Square Root Results in a Denial of
by Bernd Kohler 02 Jun '22

02 Jun '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Analyzing CVE-2022-0778: When Square Root Results in a Denial of Service" VG Bernd [0] https://news.sophos.com/en-us/2022/06/01/cve-2022-0778-openssl-denial-of-se… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Enhancing trust and security on the internet – browsers are the first line of defence
by Bernd Kohler 01 Jun '22

01 Jun '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Enhancing trust and security on the internet – browsers are the first line of defence" --> "... just unveiled an update to the security policies ..." [1] VG Bernd [0] https://blog.mozilla.org/netpolicy/2022/05/31/enhancing-trust-and-security-… [1] https://blog.mozilla.org/security/2022/05/23/upgrading-mrsp-to-v-2-8/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Linux Kernel use-after-free write in netfilter
by Bernd Kohler 01 Jun '22

01 Jun '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Linux Kernel use-after-free write in netfilter" VG Bernd [0] https://seclists.org/oss-sec/2022/q2/159 -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Log4Shell-Rex
by Bernd Kohler 01 Jun '22

01 Jun '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Log4Shell-Rex" --> nutzbar z.B. via "find /var/log -name "*.log" | xargs grep -P ${Log4ShellRex}" VG Bernd [0] https://github.com/back2root/log4shell-rex -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 1