- rwth-security - lists.rwth-aachen.de

CVE-2024-5102: Avast Antivirus Flaw Could Allow Hackers to Delete
by Bernd Kohler 04 Oct '24

04 Oct '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "CVE-2024-5102: Avast Antivirus Flaw Could Allow Hackers to Delete Files and Run Code as SYSTEM" --> "... Avast has addressed this vulnerability in version 24.2 and later of their antivirus software ... prioritize updating to the latest version ..." VG Bernd [0] https://securityonline.info/cve-2024-5102-avast-antivirus-flaw-could-allow-… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Researchers Sound Alarm on Active Attacks Exploiting Critical Zimbra
by Bernd Kohler 02 Oct '24

02 Oct '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Researchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw" --> Update auf Version 8.8.15 Patch 46 / 9.0.0 Patch 41 / 10.0.9, oder 10.1.1 (Released vom 0409.2024, siehe [1] VG Bernd [0] https://thehackernews.com/2024/10/researchers-sound-alarm-on-active.html [1] https://wiki.zimbra.com/wiki/Security_Center -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 1

A Network of AI ‘Nudify’ Sites Are a Front for Notorious Russian Hackers
by Bernd Kohler 02 Oct '24

02 Oct '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "A Network of AI ‘Nudify’ Sites Are a Front for Notorious Russian Hackers" --> "... AI to ‘nudify’ any photos uploaded are actually designed to infect users with powerful credential stealing malware ..." --> "... After uploading a photo to nudify, one of the sites then said a “trial is ready for download.” ..." --> "... download ultimately ends in the installation of RedLine infostealer malware ..." --> "... Some of the malware was distributed by Dropbox links ..." VG Bernd [0] https://www.404media.co/a-network-of-ai-nudify-sites-are-a-front-for-notori… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

New Cryptojacking Attack Targets Docker API to Create Malicious Swarm
by Bernd Kohler 01 Oct '24

01 Oct '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "New Cryptojacking Attack Targets Docker API to Create Malicious Swarm Botnet" VG Bernd [0] https://thehackernews.com/2024/10/new-cryptojacking-attack-targets-docker.h… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

𝜇CFI: Formal Verification of Microarchitectural Control-flow Integrity
by Bernd Kohler 01 Oct '24

01 Oct '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "𝜇CFI: Formal Verification of Microarchitectural Control-flow Integrity" VG Bernd [0] https://comsec.ethz.ch/research/hardware-design-security/mucfi/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Active Directory Security Guide
by Bernd Kohler 27 Sep '24

27 Sep '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Active Directory Security Guide" VG Bernd [0] https://github.com/mon-csirt/active-directory-security -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code
by Bernd Kohler 23 Sep '24

23 Sep '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk" --> "... exists a vulnerability in all publicly available examples of the ASF codebase ..." --> "... software is no longer supported and is rooted in IoT-centric code ..." --> "... affected versions include MediaTek SDK versions 7.4.0.1 and earlier, as well as OpenWrt 19.07 and 21.02 ..." --> "... patch for the vulnerability was released by MediaTek in March 2024 ..." wenn nötig ist der also bereits installiert ;) VG Bernd [0] https://thehackernews.com/2024/09/critical-flaw-in-microchip-asf-exposes.ht… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

New PondRAT Malware Hidden in Python Packages Targets Software
by Bernd Kohler 23 Sep '24

23 Sep '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "New PondRAT Malware Hidden in Python Packages Targets Software Developers" - real-ids (893 downloads) - coloredtxt (381 downloads) - beautifultext (736 downloads) - minisound (416 downloads) VG Bernd [0] https://thehackernews.com/2024/09/new-pondrat-malware-hidden-in-python.html -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

CVE-2024-8698: Keycloak Vulnerability Puts SAML Authentication at
by Bernd Kohler 23 Sep '24

23 Sep '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "CVE-2024-8698: Keycloak Vulnerability Puts SAML Authentication at Risk" VG Bernd [0] https://securityonline.info/cve-2024-8698-keycloak-vulnerability-puts-saml-… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

This Windows PowerShell Phish Has Scary Potential
by Bernd Kohler 20 Sep '24

20 Sep '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "This Windows PowerShell Phish Has Scary Potential" --> know your keyboard shortcuts --> never blindly copy and paste VG Bernd [0] https://krebsonsecurity.com/2024/09/this-windows-powershell-phish-has-scary… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0