lists.rwth-aachen.de
Sign In
Sign Up
Sign In
Sign Up
Manage this list
×
Keyboard Shortcuts
Thread View
j
: Next unread message
k
: Previous unread message
j a
: Jump to all threads
j l
: Jump to MailingList overview
2024
December
November
October
September
August
July
June
May
April
March
February
January
2023
December
November
October
September
August
July
June
May
April
March
February
January
2022
December
November
October
September
August
July
June
May
April
March
February
January
2021
December
November
October
September
August
July
June
May
April
March
February
January
2020
December
November
October
September
August
July
June
May
April
March
February
January
2019
December
November
October
September
August
July
June
May
April
March
February
January
2018
December
November
October
September
August
July
List overview
Download
rwth-security
November 2024
----- 2024 -----
December 2024
November 2024
October 2024
September 2024
August 2024
July 2024
June 2024
May 2024
April 2024
March 2024
February 2024
January 2024
----- 2023 -----
December 2023
November 2023
October 2023
September 2023
August 2023
July 2023
June 2023
May 2023
April 2023
March 2023
February 2023
January 2023
----- 2022 -----
December 2022
November 2022
October 2022
September 2022
August 2022
July 2022
June 2022
May 2022
April 2022
March 2022
February 2022
January 2022
----- 2021 -----
December 2021
November 2021
October 2021
September 2021
August 2021
July 2021
June 2021
May 2021
April 2021
March 2021
February 2021
January 2021
----- 2020 -----
December 2020
November 2020
October 2020
September 2020
August 2020
July 2020
June 2020
May 2020
April 2020
March 2020
February 2020
January 2020
----- 2019 -----
December 2019
November 2019
October 2019
September 2019
August 2019
July 2019
June 2019
May 2019
April 2019
March 2019
February 2019
January 2019
----- 2018 -----
December 2018
November 2018
October 2018
September 2018
August 2018
July 2018
rwth-security@lists.rwth-aachen.de
2 participants
34 discussions
Start a n
N
ew thread
Bootkitty: Analyzing the first UEFI bootkit for Linux
by Bernd Kohler
Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Bootkitty: Analyzing the first UEFI bootkit for Linux" VG Bernd [0]
https://www.welivesecurity.com/en/eset-research/bootkitty-analyzing-first-u…
-- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 E-Mail: kohler(a)itc.rwth-aachen.de Web:
https://www.itc.rwth-aachen.de
Social Media Kanäle des IT Centers:
https://blog.rwth-aachen.de/itc/
https://www.facebook.com/itcenterrwth
https://www.linkedin.com/company/itcenterrwth
https://twitter.com/ITCenterRWTH
https://www.youtube.com/c/ITCenterRWTHAachen
21 hours, 26 minutes
1
1
0
0
Hackers abuse popular Godot game engine to infect thousands of PCs
by Bernd Kohler
Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Hackers abuse popular Godot game engine to infect thousands of PCs" VG Bernd [0]
https://www.bleepingcomputer.com/news/security/new-godloader-malware-infect…
-- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de
www.itc.rwth-aachen.de
Social Media Kanäle des IT Centers:
https://blog.rwth-aachen.de/itc/
https://www.facebook.com/itcenterrwth
https://www.linkedin.com/company/itcenterrwth
https://twitter.com/ITCenterRWTH
https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ
3 days, 20 hours
1
0
0
0
Zabbix CVE-2024-42327 SQL Injection
by Bernd Kohler
Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI SQL Injection in Zabbix, CVE-2024-42327 "... non-admin user account ... with the default User role ... that gives API access ..." "... Berechtigungen eskalieren und möglicherweise sensible Daten exfiltrieren oder die Kontrolle über das System übernehmen. ..." VG Bernd [0]
https://nvd.nist.gov/vuln/detail/CVE-2024-42327
[1]
https://www.sentiguard.eu/wissen/kritische-sql-injection-schwachstelle-in-z…
[2]
https://support.zabbix.com/browse/ZBX-25623
-- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 E-Mail: kohler(a)itc.rwth-aachen.de Web:
https://www.itc.rwth-aachen.de
Social Media Kanäle des IT Centers:
https://blog.rwth-aachen.de/itc/
https://www.facebook.com/itcenterrwth
https://www.linkedin.com/company/itcenterrwth
https://twitter.com/ITCenterRWTH
https://www.youtube.com/c/ITCenterRWTHAachen
3 days, 23 hours
1
0
0
0
CVE-2024-42327 (CVSS 9.9): Critical SQL Injection Vulnerability Found
by Bernd Kohler
Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "CVE-2024-42327 (CVSS 9.9): Critical SQL Injection Vulnerability Found in Zabbix" VG Bernd [0]
https://securityonline.info/cve-2024-42327-critical-sql-injection-vulnerabi…
-- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 E-Mail: kohler(a)itc.rwth-aachen.de Web:
https://www.itc.rwth-aachen.de
Social Media Kanäle des IT Centers:
https://blog.rwth-aachen.de/itc/
https://www.facebook.com/itcenterrwth
https://www.linkedin.com/company/itcenterrwth
https://twitter.com/ITCenterRWTH
https://www.youtube.com/c/ITCenterRWTHAachen
5 days, 6 hours
1
0
0
0
Unpatched NTLM Flaws Leave Microsoft Systems Vulnerable
by Bernd Kohler
Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Exploit released for new Windows Server "WinReg" NTLM Relay attack" --> siehe dazu [1] --> finde auf [2] keinen Hinweis (oder übersehe etwas) --> Key recommendations auf [0] - Disabling NTLM Authentication - Blocking Outbound SMB Traffic - Educating End Users VG Bernd [0]
https://securityonline.info/unpatched-ntlm-flaws-leave-microsoft-systems-vu…
[1]
https://blog.morphisec.com/5-ntlm-vulnerabilities-unpatched-privilege-escal…
[2]
https://heise.de/-10178400
-- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 E-Mail: kohler(a)itc.rwth-aachen.de Web:
https://www.itc.rwth-aachen.de
Social Media Kanäle des IT Centers:
https://blog.rwth-aachen.de/itc/
https://www.facebook.com/itcenterrwth
https://www.linkedin.com/company/itcenterrwth
https://twitter.com/ITCenterRWTH
https://www.youtube.com/c/ITCenterRWTHAachen
5 days, 23 hours
1
0
0
0
certmitm - tool for testing for certificate validation
by Bernd Kohler
Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "certmitm" --> tool for testing for certificate validation vulnerabilities of TLS connections made by a client device or an application --> Folien und Video sidn auf [0] verlinkt git clone
https://github.com/aapooksman/certmitm.git
python -m venv certmitm/ cd certmitm/ source ./bin/activate pip install -r requirements.txt ... deactivate VG Bernd [0]
https://github.com/aapooksman/certmitm
-- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 E-Mail: kohler(a)itc.rwth-aachen.de Web:
https://www.itc.rwth-aachen.de
Social Media Kanäle des IT Centers:
https://blog.rwth-aachen.de/itc/
https://www.facebook.com/itcenterrwth
https://www.linkedin.com/company/itcenterrwth
https://twitter.com/ITCenterRWTH
https://www.youtube.com/c/ITCenterRWTHAachen
5 days, 23 hours
1
0
0
0
CVE-2024-8114: GitLab Vulnerability Allows Privilege Escalation
by Bernd Kohler
Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "CVE-2024-8114: GitLab Vulnerability Allows Privilege Escalation" VG Bernd [0]
https://securityonline.info/cve-2024-8114-gitlab-vulnerability-allows-privi…
-- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de
https://www.itc.rwth-aachen.de
Social Media Kanäle des IT Centers:
https://blog.rwth-aachen.de/itc/
https://www.facebook.com/itcenterrwth
https://www.linkedin.com/company/itcenterrwth
https://twitter.com/ITCenterRWTH
https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ
6 days, 6 hours
1
0
0
0
macOS Vulnerability (CVE-2023-32428) Grants Root Access, PoC
by Bernd Kohler
Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "macOS Vulnerability (CVE-2023-32428) Grants Root Access, PoC Published" VG Bernd [0]
https://securityonline.info/macos-vulnerability-cve-2023-32428-grants-root-…
-- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de
https://www.itc.rwth-aachen.de
Social Media Kanäle des IT Centers:
https://blog.rwth-aachen.de/itc/
https://www.facebook.com/itcenterrwth
https://www.linkedin.com/company/itcenterrwth
https://twitter.com/ITCenterRWTH
https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ
6 days, 6 hours
1
0
0
0
Over a Third of Firms Struggling With Shadow AI
by Bernd Kohler
Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Over a Third of Firms Struggling With Shadow AI" VG Bernd [0]
https://www.infosecurity-magazine.com/news/over-third-firms-struggling-shad…
-- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de
www.itc.rwth-aachen.de
Social Media Kanäle des IT Centers:
https://blog.rwth-aachen.de/itc/
https://www.facebook.com/itcenterrwth
https://www.linkedin.com/company/itcenterrwth
https://twitter.com/ITCenterRWTH
https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ
1 week
1
0
0
0
PHP Patches Multi Flaws, Including CVE-2024-8932 (CVSS 9.8), Urges
by Bernd Kohler
Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "PHP Patches Multi Flaws, Including CVE-2024-8932 (CVSS 9.8), Urges Immediate Update" VG Bernd [0]
https://securityonline.info/php-patches-multi-flaws-including-cve-2024-8932…
-- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de
www.itc.rwth-aachen.de
Social Media Kanäle des IT Centers:
https://blog.rwth-aachen.de/itc/
https://www.facebook.com/itcenterrwth
https://www.linkedin.com/company/itcenterrwth
https://twitter.com/ITCenterRWTH
https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ
1 week
1
0
0
0
← Newer
1
2
3
4
Older →
Jump to page:
1
2
3
4
Results per page:
10
25
50
100
200