- rwth-security - lists.rwth-aachen.de

CVE-2024-11477: 7-Zip Flaw Allows Remote Code Execution
by Bernd Kohler 04 Dec '24

04 Dec '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "CVE-2024-11477: 7-Zip Flaw Allows Remote Code Execution" VG Bernd [0] https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2024-11… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 E-Mail: kohler(a)itc.rwth-aachen.de Web: https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

Malicious Ads in Search Results Are Driving New Generations of Scams
by Bernd Kohler 04 Dec '24

04 Dec '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Malicious Ads in Search Results Are Driving New Generations of Scams" VG Bernd [0] https://www.wired.com/story/malicious-ads-in-search-results-are-driving-new… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 E-Mail: kohler(a)itc.rwth-aachen.de Web: https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

The Complete Active Directory Security Handbook
by Bernd Kohler 04 Dec '24

04 Dec '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "The Complete Active Directory Security Handbook" --> was auch immer komplett heißt VG Bernd [0] https://karim-ashraf.gitbook.io/karim_ashraf_space/writeups/the-complete-ac… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 E-Mail: kohler(a)itc.rwth-aachen.de Web: https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

APNIC - Post-Quantum Cryptography
by Bernd Kohler 03 Dec '24

03 Dec '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Post-Quantum Cryptography" VG Bernd [0] https://blog.apnic.net/2024/11/29/post-quantum-cryptography/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 E-Mail: kohler(a)itc.rwth-aachen.de Web: https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

Another CA Fails the Turing Test?
by Bernd Kohler 03 Dec '24

03 Dec '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Another CA Fails the Turing Test?" --> es geht um: ICP-Brasil --> "... Certificate Authority (CA) has issued what is likely a man-in-the-middle (MITM) certificate—something strictly prohibited by all root programs. ..." --> weitere Details, siehe [1] --> siehe dazu auch "Government CAs and the WebPKI: Trust is Often the Opposite of Security" [2] VG Bernd [0] https://unmitigatedrisk.com/?p=908 [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1934361 [2] https://unmitigatedrisk.com/?p=911 -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 E-Mail: kohler(a)itc.rwth-aachen.de Web: https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

OtterRoot: Netfilter Universal Root 1-day
by Bernd Kohler 03 Dec '24

03 Dec '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "OtterRoot: Netfilter Universal Root 1-day" VG Bernd [0] https://osec.io/blog/2024-11-25-netfilter-universal-root-1-day -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 E-Mail: kohler(a)itc.rwth-aachen.de Web: https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

Zero-Day Exploit Code Released for Windows Task Scheduler Flaw
by Bernd Kohler 03 Dec '24

03 Dec '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Zero-Day Exploit Code Released for Windows Task Scheduler Flaw (CVE-2024-49039), Actively Exploited by RomCom Group" VG Bernd [0] https://securityonline.info/zero-day-exploit-code-released-for-windows-task… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 E-Mail: kohler(a)itc.rwth-aachen.de Web: https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

Update on Exchange Server ADFS Modern Authentication support
by Bernd Kohler 03 Dec '24

03 Dec '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Update on Exchange Server ADFS Modern Authentication support" VG Bernd [0] https://techcommunity.microsoft.com/blog/exchange/update-on-exchange-server… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 E-Mail: kohler(a)itc.rwth-aachen.de Web: https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google
by Bernd Kohler 02 Dec '24

02 Dec '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play" VG Bernd [0] https://thehackernews.com/2024/12/8-million-android-users-hit-by-spyloan.ht… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Bootkitty: Analyzing the first UEFI bootkit for Linux
by Bernd Kohler 02 Dec '24

02 Dec '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Bootkitty: Analyzing the first UEFI bootkit for Linux" VG Bernd [0] https://www.welivesecurity.com/en/eset-research/bootkitty-analyzing-first-u… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 E-Mail: kohler(a)itc.rwth-aachen.de Web: https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 1