June 2024 - rwth-security - lists.rwth-aachen.de

BREADS - Breaking Active Directory Security
by Bernd Kohler 13 Jun '24

13 Jun '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "BREADS" --> Breaking Active Directory Security --> "... attacking Active Directory environments through LDAP and SMB protocols ..." VG Bernd [0] https://github.com/oppsec/breads -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

Phishing emails abuse Windows search protocol to push malicious
by Bernd Kohler 13 Jun '24

13 Jun '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Phishing emails abuse Windows search protocol to push malicious scripts" VG Bernd [0] https://www.bleepingcomputer.com/news/security/phishing-emails-abuse-window… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

AWS adds passkeys support, warns root users must enable MFA
by Bernd Kohler 13 Jun '24

13 Jun '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "AWS adds passkeys support, warns root users must enable MFA" VG Bernd [0] https://www.bleepingcomputer.com/news/security/aws-adds-passkeys-support-wa… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

Microsoft deprecates Windows DirectAccess, recommends Always On VPN
by Bernd Kohler 13 Jun '24

13 Jun '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Microsoft deprecates Windows DirectAccess, recommends Always On VPN" VG Bernd [0] https://www.bleepingcomputer.com/news/microsoft/microsoft-deprecates-window… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

Microsoft - Effective strategies for conducting Mass Password Resets
by Bernd Kohler 12 Jun '24

12 Jun '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Effective strategies for conducting Mass Password Resets during cybersecurity incidents" VG Bernd [0] https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/effe… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

Firefox will upgrade more Mixed Content in Version 127
by Bernd Kohler 11 Jun '24

11 Jun '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Firefox will upgrade more Mixed Content in Version 127" --> Release Datum laut [1] "heute" --> "... automatically upgrade audio, video, and image subresources from HTTP to HTTPS ..." VG Bernd [0] https://blog.mozilla.org/security/2024/06/05/firefox-will-upgrade-more-mixe… [1] https://whattrainisitnow.com/release/?version=release -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

New Warmcookie Windows backdoor pushed via fake job offers
by Bernd Kohler 11 Jun '24

11 Jun '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "New Warmcookie Windows backdoor pushed via fake job offers" --> "... never-before-seen Windows malware named 'Warmcookie' is distributed through fake job offer phishing campaigns to breach corporate networks ..." VG Bernd [0] https://www.bleepingcomputer.com/news/security/new-warmcookie-windows-backd… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

OpenSSH (ab Version 9.6) introduces options to penalize undesirable
by Bernd Kohler 11 Jun '24

11 Jun '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "OpenSSH introduces options to penalize undesirable behavior" --> in bestimmten Situationen IPv4/IPv6 hosts blocken --> siehe dazu auch [1] - [3] VG Bernd [0] https://undeadly.org/cgi?action=article;sid=20240607042157 [1] https://man.openbsd.org/sshd_config#PerSourcePenalties [2] https://man.openbsd.org/sshd_config#PerSourcePenaltyExemptList [3] https://man.openbsd.org/sshd_config.5#PerSourceNetBlockSize -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

Nvidia Patches High-Severity GPU Driver Vulnerabilities
by Bernd Kohler 10 Jun '24

10 Jun '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Nvidia Patches High-Severity GPU Driver Vulnerabilities" --> "... R555, R550, R535, and R470 ..." VG Bernd [0] https://www.securityweek.com/nvidia-patches-high-severity-gpu-driver-vulner… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

GPT-4 Bots - Teams of LLM Agents can Exploit Zero-Day Vulnerabilities
by Bernd Kohler 10 Jun '24

10 Jun '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Teams of LLM Agents can Exploit Zero-Day Vulnerabilities" VG Bernd [0] https://arxiv.org/pdf/2406.01637 -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0