December 2023 - rwth-security - lists.rwth-aachen.de

Towards SSH3: how HTTP/3 improves secure shells
by Bernd Kohler 17 Dec '23

17 Dec '23

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Towards SSH3: how HTTP/3 improves secure shells" --> siehe dazu [1] VG Bernd [0] https://arxiv.org/pdf/2312.08396.pdf [1] https://github.com/francoismichel/ssh3 -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

How to Detect Malware C2 with DNS Status Codes
by Bernd Kohler 15 Dec '23

15 Dec '23

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "How to Detect Malware C2 with DNS Status Codes" VG Bernd [0] https://www.socinvestigation.com/how-to-detect-malware-c2-with-dns-status-c… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

27 Malicious PyPI Packages with Thousands of Downloads Found
by Bernd Kohler 14 Dec '23

14 Dec '23

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts" --> Liste der Pakete findet sich in [1] VG Bernd [0] https://thehackernews.com/2023/11/27-malicious-pypi-packages-with.html [1] https://checkmarx.com/blog/attacker-hidden-in-plain-sight-for-nearly-six-mo… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 1

Researcher discovered a new lock screen bypass bug for android 14 and
by Bernd Kohler 11 Dec '23

11 Dec '23

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Researcher discovered a new lock screen bypass bug for android 14 and 14" VG Bernd [0] https://securityaffairs.com/155588/hacking/android-14-13-lock-screen-bypass… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

New 5Ghoul attack impacts 5G phones with Qualcomm, MediaTek chips
by Bernd Kohler 08 Dec '23

08 Dec '23

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "New 5Ghoul attack impacts 5G phones with Qualcomm, MediaTek chips" VG Bernd [0] https://www.bleepingcomputer.com/news/security/new-5ghoul-attack-impacts-5g… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

IceKube: Finding complex attack paths in Kubernetes clusters
by Bernd Kohler 08 Dec '23

08 Dec '23

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "IceKube: Finding complex attack paths in Kubernetes clusters" --> das GIT repo findet sich auf [1] VG Bernd [0] https://labs.withsecure.com/tools/icekube--finding-complex-attack-paths-in-… [1] https://github.com/WithSecureLabs/IceKube -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Firefox 120 - "imports TLS trust anchors (e.g., certificates) from
by Bernd Kohler 08 Dec '23

08 Dec '23

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Firefox Beta Release Notes" VG Bernd [0] https://www.mozilla.org/en-US/firefox/120.0beta/releasenotes/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

LogoFAIL - Research,UEFI flaws allow bootkits to pwn potentially
by Bernd Kohler 08 Dec '23

08 Dec '23

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "UEFI flaws allow bootkits to pwn potentially hundreds of devices using images" --> siehe dazu auch [1] --> "All three of the major independent BIOS vendors – AMI, Insyde, and Phoenix – are affected by the issues, as well as devices from Intel, Acer, and Lenovo ." VG Bernd [0] https://www.theregister.com/2023/12/01/uefi_image_parser_flaws/ [1] https://www.bleepingcomputer.com/news/security/logofail-attack-can-install-… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 1

New SLAM attack steals sensitive data from AMD, future Intel CPUs
by Bernd Kohler 07 Dec '23

07 Dec '23

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "New SLAM attack steals sensitive data from AMD, future Intel CPUs" VG Bernd [0] https://www.bleepingcomputer.com/news/security/new-slam-attack-steals-sensi… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Spoofing DNS Records by Abusing DHCP DNS Dynamic Updates
by Bernd Kohler 07 Dec '23

07 Dec '23

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Spoofing DNS Records by Abusing DHCP DNS Dynamic Updates" "... new set of attacks against Active Directory domains that use Microsoft Dynamic Host Configuration Protocol (DHCP) servers. ..." VG Bernd [0] https://www.akamai.com/blog/security-research/spoofing-dns-by-abusing-dhcp -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0