July 2024 - rwth-security - lists.rwth-aachen.de

New Android malware wipes your device after draining bank accounts
by Bernd Kohler 31 Jul '24

31 Jul '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "New Android malware wipes your device after draining bank accounts" VG Bernd [0] https://www.bleepingcomputer.com/news/security/new-android-malware-wipes-yo… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

New Specula tool uses Outlook for remote code execution in Windows
by Bernd Kohler 30 Jul '24

30 Jul '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "New Specula tool uses Outlook for remote code execution in Windows" VG Bernd [0] https://www.bleepingcomputer.com/news/security/new-specula-tool-uses-outloo… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

macOS - The New Passwords App Keeps Credentials Secure and Organized
by Bernd Kohler 24 Jul '24

24 Jul '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI " The New Passwords App Keeps Credentials Secure and Organized" VG Bernd [0] https://www.apple.com/newsroom/2024/06/macos-sequoia-takes-productivity-and… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Deploying Let's Encrypt's New Issuance Chains
by Bernd Kohler 24 Jul '24

24 Jul '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Deploying Let's Encrypt's New Issuance Chains" VG Bernd [0] https://letsencrypt.org/2024/04/12/changes-to-issuance-chains -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Fake CrowdStrike repair manual pushes new infostealer malware
by Bernd Kohler 23 Jul '24

23 Jul '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Fake CrowdStrike repair manual pushes new infostealer malware" --> "... malware called Daolpu ..." VG Bernd [0] https://www.bleepingcomputer.com/news/security/fake-crowdstrike-repair-manu… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Let's Encrypt - Intent to End OCSP Service
by Bernd Kohler 23 Jul '24

23 Jul '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Intent to End OCSP Service" --> "... our intent to end Online Certificate Status Protocol (OCSP) support in favor of Certificate Revocation Lists (CRLs) as soon as possible ..." --> "... As soon as the Microsoft Root Program also makes OCSP o ptional, which we are optimistic will happen within the next six to twelve months, Let’s Encrypt intends to announce a specific and rapid timeline for shutting down our OCSP services. ..." --> kein OSCP stapling? VG Bernd [0] https://letsencrypt.org/2024/07/23/replacing-ocsp-with-crls.html -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

OpenSSH plans to remove support for the DSA signature algorithm
by Bernd Kohler 22 Jul '24

22 Jul '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "OpenSSH plans to remove support for the DSA signature algorithm in,early 2025" VG Bernd [0] https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-June/041381.html -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

kernel-hardening-checker
by Bernd Kohler 21 Jul '24

21 Jul '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "kernel-hardening-checker" --> ist schon etwas älter (wir aber wohl noch gepflegt, allerdings fehlt bspw. die Konfiguration für bspw Ubuntu 24.04) https://github.com/a13xp0p0v/kernel-hardening-checker # alternativ mkdir kernel-hardening-checker python3 -m venv kernel-hardening-checker source ./kernel-hardening-checker/bin/activate pip install git+https://github.com/a13xp0p0v/kernel-hardening-checker kernel-hardening-checker -h VG Bernd [0] https://github.com/a13xp0p0v/kernel-hardening-checker -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Announcing Public Preview of Inbound SMTP DANE with DNSSEC for
by Bernd Kohler 18 Jul '24

18 Jul '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Announcing Public Preview of Inbound SMTP DANE with DNSSEC for Exchange Online" VG Bernd [0] https://techcommunity.microsoft.com/t5/exchange-team-blog/announcing-public… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

LDAP Firewall (für Windows)
by Bernd Kohler 18 Jul '24

18 Jul '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "LDAP Firewall" -nun Version 1.0.0 --> "... is an open-source tool for Windows servers that lets you audit and restrict incoming LDAP requests ..." --> kann wahrscheinluch nicht mehr als ACLs unter *nix --> ob das auch in Kombination mit einem AD-Server funktioiert habe ich nicht getestet. VG Bernd [0] https://github.com/zeronetworks/ldapfw -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0