May 2023 - rwth-security - lists.rwth-aachen.de

Bypassing LDAP Channel Binding with StartTLS (Active Directory)
by Bernd Kohler 08 Jan '24

08 Jan '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Bypassing LDAP Channel Binding with StartTLS" VG Bernd [0] https://offsec.almond.consulting/bypassing-ldap-channel-binding-with-startt… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 1

Cert-EU: Hardening Signal
by Bernd Kohler 20 Sep '23

20 Sep '23

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Hardening Signal" VG Bernd [0] https://media.cert.europa.eu/static/WhitePapers/TLP-WHITE-CERT-EU_Security_… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 1

KeePass 2.X Master Password Dumper (CVE-2023-32784)
by Bernd Kohler 06 Jun '23

06 Jun '23

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI KeePass 2.X Master Password Dumpe VG Bernd [0] https://github.com/vdohney/keepass-password-dumper -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 1

MFA - Microsoft 365 and Azure AD admins - ICYMI Authenticator Lite
by Bernd Kohler 28 May '23

28 May '23

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "ICYMI Authenticator Lite will be enabled on 9th June on all 'Microsoft managed' tenants" siehe dazu auch [1] Announcing General Availability of Authenticator Lite (in Outlook) [2] How to enable Microsoft Authenticator Lite for Outlook mobile [3] Authenticate with Outlook mobile VG Bernd [0] https://twitter.com/merill/status/1662687390471962624 [1] https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/announ… [2] https://learn.microsoft.com/en-us/azure/active-directory/authentication/how… [3] https://support.microsoft.com/en-us/topic/authenticate-with-outlook-mobile-… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Hidden Desktop BOF - interact with a remote desktop session without
by Bernd Kohler 26 May '23

26 May '23

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Hidden Desktop BOF" --> "... interact with a remote desktop session without the user knowing ..." VG Bernd [0] https://github.com/WKL-Sec/HiddenDesktop -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Microsoft 365 phishing attacks use encrypted RPMSG messages
by Bernd Kohler 26 May '23

26 May '23

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI Microsoft 365 phishing attacks use encrypted RPMSG messages" VG Bernd [0] https://www.bleepingcomputer.com/news/security/microsoft-365-phishing-attac… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Infecting SSH Public Keys with backdoors
by Bernd Kohler 25 May '23

25 May '23

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Infecting SSH Public Keys with backdoors VG Bernd [0] https://blog.thc.org/infecting-ssh-public-keys-with-backdoors -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

2 1

Chrome (ab Version 112) HTTPSOnly Mode Policy
by Bernd Kohler 12 May '23

12 May '23

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "HttpsOnlyMode" --> ab Chrome Version 112 --> "HTTPS-Only Mode upgrades all navigations to HTTPS." VG Bernd [0] https://chromeenterprise.google/policies/#HttpsOnlyMode -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Make OCSP Optional, Require CRLs, and Incentivize Automation /
by Bernd Kohler 08 May '23

08 May '23

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Make OCSP Optional, Require CRLs, and Incentivize Automation / Short-Lived Certificates" VG Bernd [0] https://github.com/cabforum/servercert/pull/414 -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Ubuntu 18.04 LTS End of Standard Support 31.05.2023
by Bernd Kohler 04 May '23

04 May '23

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Ubuntu 18.04 LTS End of Standard Support" --> nötiges Upgrade sollte vor dem 31.05. erfolgt sein --> [0] ist ein webinar: "more about all the options available" VG Bernd [0] https://www.linkedin.com/events/7051935059137703936/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0