- rwth-security - lists.rwth-aachen.de

New QR Code Phishing Campaign Exploits Microsoft Sway to Steal
by Bernd Kohler 28 Aug '24

28 Aug '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials" VG Bernd [0] https://thehackernews.com/2024/08/new-qr-code-phishing-campaign-exploits.ht… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

Intel's Software Guard Extensions broken? Don't panic
by Bernd Kohler 28 Aug '24

28 Aug '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Intel's Software Guard Extensions broken? Don't panic" VG Bernd [0] https://www.theregister.com/2024/08/27/intel_root_key_xeons/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

Attacks by malware abusing AppDomainManager Injection
by Bernd Kohler 27 Aug '24

27 Aug '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Attacks by malware abusing AppDomainManager Injection" VG Bernd [0] https://jp.security.ntt/tech_blog/appdomainmanager-injection-en -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

Agentic Security - open-source Agentic LLM Vulnerability Scanner
by Bernd Kohler 27 Aug '24

27 Aug '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Agentic Security" --> open-source Agentic LLM Vulnerability Scanner VG Bernd [0] https://github.com/msoedov/agentic_security -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

SMB security hardening in Windows Server 2025 & Windows 11
by Bernd Kohler 27 Aug '24

27 Aug '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "SMB security hardening in Windows Server 2025 & Windows 11" VG Bernd [0] https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb-security-ha… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

GNU/Linux Sandboxing - A Brief Review
by Bernd Kohler 27 Aug '24

27 Aug '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "GNU/Linux Sandboxing - A Brief Review" VG Bernd [0] https://hardenedlinux.org/blog/2024-08-20-gnu/linux-sandboxing-a-brief-revi… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

Unveiling "sedexp": A Stealthy Linux Malware Exploiting udev Rules
by Bernd Kohler 27 Aug '24

27 Aug '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI 'Unveiling "sedexp": A Stealthy Linux Malware Exploiting udev Rules" --> siehe dazu auch [1] --> ein PoC gibt es auf [2] --> hier hilft - regelmäßiges Monitoren der Regeln in /etc/udev/rules.d/ - zudem besonderes Augenmerkauf Regeln mit "RUN+=/path/to/code" VG Bernd [0] https://www.aon.com/en/insights/cyber-labs/unveiling-sedexp [1] https://ch4ik0.github.io/en/posts/leveraging-Linux-udev-for-persistence/ [2] https://github.com/grahamhelton/USP -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

New Linux Kernel Exploit Technique 'SLUBStick' Discovered by
by Bernd Kohler 26 Aug '24

26 Aug '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "New Linux Kernel Exploit Technique 'SLUBStick' Discovered by Researchers" VG Bernd [0] https://thehackernews.com/2024/08/new-linux-kernel-exploit-technique.html -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 1

New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data
by Bernd Kohler 23 Aug '24

23 Aug '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Be careful what you pwish for – Phishing in PWA applications" --> "... stolen credentials stored in Google Chrome browsers on a small set of compromised endpoints ..." --> "... attack, detected in July 2024, involved infiltrating the target network via compromised credentials for a VPN portal that lacked multi-factor authentication (MFA), with the threat actors conducting post-exploitation actions 18 days after initial access took place ..." --> "... Once the attacker reached the domain controller in question ..." VG Bernd [0] https://thehackernews.com/2024/08/new-qilin-ransomware-attack-uses-vpn.html -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

Urgent Edge Security Update: Microsoft Patches Zero-day & RCE
by Bernd Kohler 23 Aug '24

23 Aug '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Urgent Edge Security Update: Microsoft Patches Zero-day & RCE Vulnerabilities" VG Bernd [0] https://securityonline.info/urgent-edge-security-update-microsoft-patches-z… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0