Dezember 2023 - rwth-security - lists.rwth-aachen.de

Towards SSH3: how HTTP/3 improves secure shells

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Towards SSH3: how HTTP/3 improves secure shells" --> siehe dazu [1] VG Bernd [0] https://arxiv.org/pdf/2312.08396.pdf [1] https://github.com/francoismichel/ssh3 -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

4 Monate, 3 Wochen

1
0
0 0

How to Detect Malware C2 with DNS Status Codes

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "How to Detect Malware C2 with DNS Status Codes" VG Bernd [0] https://www.socinvestigation.com/how-to-detect-malware-c2-with-dns-status-c… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

4 Monate, 3 Wochen

1
0
0 0

27 Malicious PyPI Packages with Thousands of Downloads Found

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts" --> Liste der Pakete findet sich in [1] VG Bernd [0] https://thehackernews.com/2023/11/27-malicious-pypi-packages-with.html [1] https://checkmarx.com/blog/attacker-hidden-in-plain-sight-for-nearly-six-mo… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

4 Monate, 3 Wochen

1
1
0 0

Researcher discovered a new lock screen bypass bug for android 14 and

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Researcher discovered a new lock screen bypass bug for android 14 and 14" VG Bernd [0] https://securityaffairs.com/155588/hacking/android-14-13-lock-screen-bypass… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

5 Monate

1
0
0 0

New 5Ghoul attack impacts 5G phones with Qualcomm, MediaTek chips

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "New 5Ghoul attack impacts 5G phones with Qualcomm, MediaTek chips" VG Bernd [0] https://www.bleepingcomputer.com/news/security/new-5ghoul-attack-impacts-5g… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

5 Monate

1
0
0 0

IceKube: Finding complex attack paths in Kubernetes clusters

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "IceKube: Finding complex attack paths in Kubernetes clusters" --> das GIT repo findet sich auf [1] VG Bernd [0] https://labs.withsecure.com/tools/icekube--finding-complex-attack-paths-in-… [1] https://github.com/WithSecureLabs/IceKube -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

5 Monate

1
0
0 0

Firefox 120 - "imports TLS trust anchors (e.g., certificates) from

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Firefox Beta Release Notes" VG Bernd [0] https://www.mozilla.org/en-US/firefox/120.0beta/releasenotes/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

5 Monate

1
0
0 0

LogoFAIL - Research,UEFI flaws allow bootkits to pwn potentially

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "UEFI flaws allow bootkits to pwn potentially hundreds of devices using images" --> siehe dazu auch [1] --> "All three of the major independent BIOS vendors – AMI, Insyde, and Phoenix – are affected by the issues, as well as devices from Intel, Acer, and Lenovo ." VG Bernd [0] https://www.theregister.com/2023/12/01/uefi_image_parser_flaws/ [1] https://www.bleepingcomputer.com/news/security/logofail-attack-can-install-… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

5 Monate

1
1
0 0

New SLAM attack steals sensitive data from AMD, future Intel CPUs

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "New SLAM attack steals sensitive data from AMD, future Intel CPUs" VG Bernd [0] https://www.bleepingcomputer.com/news/security/new-slam-attack-steals-sensi… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

5 Monate

1
0
0 0

Spoofing DNS Records by Abusing DHCP DNS Dynamic Updates

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Spoofing DNS Records by Abusing DHCP DNS Dynamic Updates" "... new set of attacks against Active Directory domains that use Microsoft Dynamic Host Configuration Protocol (DHCP) servers. ..." VG Bernd [0] https://www.akamai.com/blog/security-research/spoofing-dns-by-abusing-dhcp -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

5 Monate

1
0
0 0

2024

2023

2022

2021

2020

2019

2018

rwth-security Dezember 2023