April 2024 - rwth-security - lists.rwth-aachen.de

CVE-2024-24691 (CVSS 9.6): Critical Zoom Privilege Escalation
by Bernd Kohler 25 Jun '24

25 Jun '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "CVE-2024-24691 (CVSS 9.6): Critical Zoom Privilege Escalation Vulnerability" VG Bernd [0] https://securityonline.info/cve-2024-24691-cvss-9-6-critical-zoom-privilege… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

2 2

Millions of Malicious 'Imageless' Containers Planted on Docker Hub
by Bernd Kohler 30 Apr '24

30 Apr '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Millions of Malicious 'Imageless' Containers Planted on Docker Hub Over 5 Years" VG Bernd [0] https://thehackernews.com/2024/04/millions-of-malicious-imageless.html -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

U.S. Government Releases New AI Security Guidelines for Critical
by Bernd Kohler 30 Apr '24

30 Apr '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "U.S. Government Releases New AI Security Guidelines for Critical Infrastructure" VG Bernd [0] https://thehackernews.com/2024/04/us-government-releases-new-ai-security.ht… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

How an empty S3 bucket can make your AWS bill explode
by Bernd Kohler 30 Apr '24

30 Apr '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "How an empty S3 bucket can make your AWS bill explode" --> "... S3 charges you for unauthorized incoming requests ..." - "... Anyone who knows the name of any of your S3 buckets can ramp up your AWS bill as they like ..." - "... Adding a random suffix to your bucket names can enhance security ..." - "... When executing a lot of requests to S3, make sure to explicitly specify the AWS region ..." --> enable CloudTrail logs VG Bernd [0] https://medium.com/@maciej.pocwierz/how-an-empty-s3-bucket-can-make-your-aw… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

New R Programming Vulnerability Exposes Projects to Supply Chain
by Bernd Kohler 29 Apr '24

29 Apr '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "New R Programming Vulnerability Exposes Projects to Supply Chain Attacks" --> Update auf Version 4.4.0 VG Bernd [0] https://thehackernews.com/2024/04/new-r-programming-vulnerability-exposes.h… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

How to Use Microsoft Defender for Endpoint Advanced Hunting With WDAC
by Bernd Kohler 29 Apr '24

29 Apr '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "How to Use Microsoft Defender for Endpoint Advanced Hunting With WDAC App Control" --> passend hierzu auch [1] VG Bernd [0] https://github.com/HotCakeX/Harden-Windows-Security/wiki/How-to-Use-Microso… [1] https://github.com/HotCakeX/Harden-Windows-Security/wiki/Script-Enforcement… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Chrome Beta (≥115.0.5748.0) supports post-quantum key
by Bernd Kohler 29 Apr '24

29 Apr '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Chrome Beta (≥115.0.5748.0) supports post-quantum key" 1. chrome://flags --> dort folgendes aktivieren "TLS 1.3 hybridized Kyber support" 2. Einstellungen überprüfen durch Aufrufen der folgenden Webseite pq.cloudflareresearch.com bzw. pq.cloudflareresearch.com/cdn-cgi/trace --> bei letzterm sollte im key exchange Feld "Kyber" stehen Laut [0] wird aber nur HTTP≤2 und nicht HTTP3/QUIC unterstützt VG Bernd [0] https://twitter.com/bwesterb/status/1668600698240393218 -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 4

(The) Postman Carries Lots of Secrets
by Bernd Kohler 26 Apr '24

26 Apr '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "(The) Postman Carries Lots of Secrets" --> "... Postman launched a public network for developers to “share and showcase” their APIs. ... --> "... scan a Postman workspace with TruffleHog ..." VG Bernd [0] https://trufflesecurity.com/blog/postman-carries-lots-of-secrets -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Urgent GitLab Update Patches Account Takeover Flaw, Other
by Bernd Kohler 25 Apr '24

25 Apr '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Urgent GitLab Update Patches Account Takeover Flaw, Other High-Severity Bugs" --> "... upgrading to versions 16.11.1, 16.10.4, or 16.9.6 ..." VG Bernd [0] https://securityonline.info/urgent-gitlab-update-patches-account-takeover-f… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

New Brokewell malware takes over Android devices, steals data
by Bernd Kohler 25 Apr '24

25 Apr '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "New Brokewell malware takes over Android devices, steals data" VG Bernd [0] https://www.bleepingcomputer.com/news/security/new-brokewell-malware-takes-… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0