May 2024 - rwth-security - lists.rwth-aachen.de

CVE-2024-24691 (CVSS 9.6): Critical Zoom Privilege Escalation
by Bernd Kohler 25 Jun '24

25 Jun '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "CVE-2024-24691 (CVSS 9.6): Critical Zoom Privilege Escalation Vulnerability" VG Bernd [0] https://securityonline.info/cve-2024-24691-cvss-9-6-critical-zoom-privilege… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

2 2

Windows 11 to Deprecate NTLM, Add AI-Powered App Controls and
by Bernd Kohler 05 Jun '24

05 Jun '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Windows 11 to Deprecate NTLM, Add AI-Powered App Controls and Security Defenses" VG Bernd [0] https://thehackernews.com/2024/05/windows-11-to-deprecate-ntlm-add-ai.html -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 1

How SMTP DNS-based Authentication of Named Entities (DANE) works
by Bernd Kohler 31 May '24

31 May '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "How SMTP DNS-based Authentication of Named Entities (DANE) works" VG Bernd [0] https://learn.microsoft.com/en-us/purview/how-smtp-dane-works -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Notes on Post-Quantum Cryptography for TLS 1.2
by Bernd Kohler 31 May '24

31 May '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Notes on Post-Quantum Cryptography for TLS 1.2" VG Bernd [0] https://educatedguesswork.org/posts/pq-tls12/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Meta and Zoom deploy post-quantum TLS solutions
by Bernd Kohler 31 May '24

31 May '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Meta and Zoom deploy post-quantum TLS solutions" VG Bernd [0] https://pqshield.com/meta-and-zoom-deploy-post-quantum-tls-solutions/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

New Tricks in the Phishing Playbook: Cloudflare Workers, HTML
by Bernd Kohler 27 May '24

27 May '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "New Tricks in the Phishing Playbook: Cloudflare Workers, HTML Smuggling, GenAI' VG Bernd [0] https://thehackernews.com/2024/05/new-tricks-in-phishing-playbook.html -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

Dangerous New Browser Malware Detected on Forums: GhostHook v1.0
by Bernd Kohler 24 May '24

24 May '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Dangerous New Browser Malware Detected on Forums: GhostHook v1.0" VG Bernd [0] https://dailydarkweb.net/dangerous-new-browser-malware-detected-on-forums-g… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

YARA is dead, long live YARA-X
by Bernd Kohler 24 May '24

24 May '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "YARA is dead, long live YARA-X" VG Bernd [0] https://blog.virustotal.com/2024/05/yara-is-dead-long-live-yara-x.html -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

https://www.bleepingcomputer.com/news/security/high-severity-gitlab-flaw-lets-attackers-take-over-accounts/
by Bernd Kohler 24 May '24

24 May '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "High-severity GitLab flaw lets attackers take over accounts" VG Bernd [0] https://www.bleepingcomputer.com/news/security/high-severity-gitlab-flaw-le… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

free Webinar unpacking the TLS 1.3 Handshake -- explaining every
by Bernd Kohler 21 May '24

21 May '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "TLS 1.3 Handshake -- explaining every message" --> 29.05.2024 19:00 Uhr Pre-Requisites: [1] - Changes to TLS 1.3 Overview [2] - Changes to TLS 1.3 related to Cipher Suites [3] - Changes to TLS 1.3 related to TLS Handshake VG Bernd [0] https://www.youtube.com/watch?v=_4NUeo9mEEc [1] https://www.youtube.com/watch?v=0ylxXrN1yHs [2] https://www.youtube.com/watch?v=mV1h1e83O20 [3] https://www.youtube.com/watch?v=JA0vaIb4158 -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0