July 2022 - rwth-security - lists.rwth-aachen.de

An AD FS Vulnerability may lead to Elevation of Privilege on recent
by Bernd Kohler 18 Jul '22

18 Jul '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "An AD FS Vulnerability may lead to Elevation of Privilege on recent Windows Server versions" --> patch is Verfügbar VG Bernd [0] https://dirteam.com/sander/2022/07/14/an-ad-fs-vulnerability-may-lead-to-el… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Cryptography II - online Kurs von Prof. Dan Boneh (Stanford
by Bernd Kohler 14 Jul '22

14 Jul '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Cryptography II" (Starting October 19, 2022) Der 1-te Kurs ist über die URL [1] buchbar. VG Bernd [0] https://www.coursera.org/learn/crypto2 [1] https://www.coursera.org/learn/crypto -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Decompiler Explorer - compare the output of different decompilers on
by Bernd Kohler 14 Jul '22

14 Jul '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Introducing Decompiler Explorer" VG Bernd [0] https://binary.ninja/2022/07/13/introducing-decompiler-explorer.html -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

TLSX - TLS grabber focused on TLS based data collection and analysis
by Bernd Kohler 14 Jul '22

14 Jul '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "TSLX" ("... TLS grabber focused on TLS based data collection and analysis ..." VG Bernd [0] https://github.com/projectdiscovery/tlsx -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Microsoft announced the general availability of Windows Autopatch
by Bernd Kohler 12 Jul '22

12 Jul '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Microsoft announced the general availability of Windows Autopatch feature" VG Bernd [0] https://securityaffairs.co/wordpress/133139/security/microsoft-autopatch.ht… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

SSHFS - project is no longer maintained or developed
by Bernd Kohler 12 Jul '22

12 Jul '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "SSHFS - This Project is Orphaned" --> "... project is no longer maintained or developed ..." wird wohl zeitnah aus Repos entfernt werden wer das mouten via ssh genutzt hat muss sich nun nach einer Alternative umschauen. VG Bernd [0] https://github.com/libfuse/sshfs -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

HardeningKitty and Windows 10 Hardening
by Bernd Kohler 07 Jul '22

07 Jul '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "HardeningKitty and Windows 10 Hardening" VG Bernd [0] https://github.com/0x6d69636b/windows_hardening/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Automating binary vulnerability discovery with Ghidra and Semgrep
by Bernd Kohler 07 Jul '22

07 Jul '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Automating binary vulnerability discovery with Ghidra and Semgrep" VG Bernd [0] https://security.humanativaspa.it/automating-binary-vulnerability-discovery… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Push Comes To Shove: exploring the attack surface of SCCM Client Push
by Bernd Kohler 07 Jul '22

07 Jul '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Push Comes To Shove: exploring the attack surface of SCCM Client Push Accounts" VG Bernd [0] https://www.hub.trimarcsecurity.com/post/push-comes-to-shove-exploring-the-… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Typo-squatting NPM software supply chain attack uncovered
by Bernd Kohler 06 Jul '22

06 Jul '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Typo-squatting NPM software supply chain attack uncovered" VG Bernd [0] https://www.theregister.com/2022/07/06/npm_supply_chain_attack/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0