- rwth-security - lists.rwth-aachen.de

CVE-2024-6387: Critical OpenSSH Unauthenticated RCE Flaw ‘regreSSHion’ Exposes Millions of Linux Systems

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "CVE-2024-6387: Critical OpenSSH Unauthenticated RCE Flaw ‘regreSSHion’ Exposes Millions of Linux Systems" VG Bernd [0] https://securityonline.info/cve-2024-6387-critical-openssh-unauthenticated-… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

54 Minuten

1
2
0 0

New Intel CPU Vulnerability 'Indirector' Exposes Sensitive Data

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "New Intel CPU Vulnerability 'Indirector' Exposes Sensitive Data" VG Bernd [0] https://thehackernews.com/2024/07/new-intel-cpu-vulnerability-indirector.ht… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

17 Stunden, 2 Minuten

1
0
0 0

Arbitrary code execution vulnerability in OpenSSH patched

von Thomas Schneider

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier[0,1,2] FYI "A critical vulnerability in sshd(8) was present in Portable OpenSSH versions 8.5p1 and 9.7p1 (inclusive) that may allow arbitrary code execution with root privileges." --> In Debian stable/bookworm gepatcht in 1:9.2p1-2+deb12u3 (man beachte die 3 am Ende!), Debian oldstable/bullseye nicht verwundbar. VG Thomas [0]: https://security-tracker.debian.org/tracker/CVE-2024-6387 [1]: https://www.openwall.com/lists/oss-security/2024/07/01/1 [2]: https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt -- Fachschaft I/1 Mathematik/Physik/Informatik der RWTH Aachen Thomas Schneider Campus Mitte: Augustinerbach 2a, 52062 Aachen Telefon: +49 241 80 94506 Informatikzentrum: Ahornstraße 55, Raum 2014, 52074 Aachen Telefon: +49 241 80 26741 https://www.fsmpi.rwth-aachen.de

1 Tag, 20 Stunden

1
0
0 0

Sustaining Digital Certificate Security - Entrust Certificate

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Sustaining Digital Certificate Security - Entrust Certificate Distrust" --> Google wird Zertifikaten von Entrust nicht mehr vertrauen (andere dürften zeitnah folgen) VG Bernd [0] https://security.googleblog.com/2024/06/sustaining-digital-certificate-secu… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

4 Tage, 14 Stunden

1
0
0 0

Mitigating Skeleton Key, a new type of generative AI jailbreak

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Mitigating Skeleton Key, a new type of generative AI jailbreak technique" VG Bernd [0] https://www.microsoft.com/en-us/security/blog/2024/06/26/mitigating-skeleto… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

5 Tage, 23 Stunden

1
0
0 0

MOVEit Transfer Critical Security Alert Bulletin – June 2024 – (CVE-2024-5806)

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "MOVEit Transfer Critical Security Alert Bulletin – June 2024 – (CVE-2024-5806)" --> "... affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2. ..." VG Bernd [0] https://community.progress.com/s/article/MOVEit-Transfer-Product-Security-A… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 Woche

1
0
0 0

New Attack Technique Exploits Microsoft Management Console Files

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "New Attack Technique Exploits Microsoft Management Console Files" VG Bernd [0] https://thehackernews.com/2024/06/new-attack-technique-exploits-microsoft.h… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 Woche

1
0
0 0

Google Introduces Project Naptime for AI-Powered Vulnerability

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Google Introduces Project Naptime for AI-Powered Vulnerability Research" VG Bernd [0] https://thehackernews.com/2024/06/google-introduces-project-naptime-for.html -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 Woche

1
0
0 0

P2PInfect botnet targets REdis servers with new ransomware module

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "P2PInfect botnet targets REdis servers with new ransomware module" --> "... is no longer an experiment but a real threat to Redis servers, capable of destroying data and hijacking computational resources ..." VG Bernd [0] https://www.bleepingcomputer.com/news/security/p2pinfect-botnet-targets-red… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 Woche

1
0
0 0

Multiple WordPress Plugins Compromised: Hackers Create Rogue Admin

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Multiple WordPress Plugins Compromised: Hackers Create Rogue Admin Accounts" VG Bernd [0] https://thehackernews.com/2024/06/multiple-wordpress-plugins-compromised.ht… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 Woche

1
0
0 0

2024

2023

2022

2021

2020

2019

2018

rwth-security