- rwth-security - lists.rwth-aachen.de

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "ADCS Attack Paths in BloodHound" (Teil 1) Infos zu BloodHound [1] "... uses graph theory to reveal the hidden and often unintended relationships within an Active Directory or Azure environment. ... Defenders can use BloodHound to identify and eliminate those same attack paths ..." bzw. FalconHound [2] "... allows you to utilize and enhance the power of BloodHound in a more automated fashion ... designed to be used in conjunction with a SIEM or other log aggregation tool ..." VG Bernd [0] https://posts.specterops.io/adcs-attack-paths-in-bloodhound-part-1-799f3d3b… [1] https://github.com/BloodHoundAD/BloodHound [2] https://github.com/FalconForceTeam/FalconHound -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

5 Monate, 1 Woche

1
1
0 0

BSI - Position Paper on Quantum Key Distribution

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Position Paper on Quantum Key Distribution" --> gemeinsamer Report von - ANSSI (FR) - BSI (DE) - NSNLA (NL) - NCSA (SE) VG Bernd [0] https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Crypto/Quantum_Position… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

5 Monate, 1 Woche

1
0
0 0

5G-Spector

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "5G-Spector" --> "... Open Radio Access Network (O-RAN) compliant layer-3 cellular attack detection service ..." --> Paper: "5G-SPECTOR: An O-RAN Compliant Layer-3 Cellular Attack Detection Service" - siehe [1] VG Bernd [0] https://github.com/5GSEC/5G-Spector [1] https://web.cse.ohio-state.edu/~wen.423/papers/5G-Spector-NDSS24.pdf -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

5 Monate, 1 Woche

1
0
0 0

SSH ProxyCommand == unexpected code execution (CVE-2023-51385)

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "SSH ProxyCommand == unexpected code execution (CVE-2023-51385)" --> bereist vom 17.12.2023 --> Infos von RedHat [1] --> Infos von Debian [2] --> Infos von Ubuntu [3] --> PoC [4] VG Bernd [0] https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-e… [1] https://access.redhat.com/security/cve/cve-2023-51385 [2] https://security-tracker.debian.org/tracker/CVE-2023-51385 [3] https://ubuntu.com/security/notices/USN-6565-1 [4] https://github.com/Le1a/CVE-2023-51385 -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

5 Monate, 1 Woche

1
0
0 0

Exploiting 0-click Android Bluetooth vulnerability to inject

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Exploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing" --> critical vulnerabilities (CVE-2023-45866, CVE-2024-21306) in Bluetooth --> can be exploited to inject keystrokes without user confirmation – by accepting any Bluetooth pairing request --> affect Android, Linux, macOS, iOS, and Windows operating systems ein PoC findet sich auf [1] VG Bernd [0] https://www.mobile-hacker.com/2024/01/23/exploiting-0-click-android-bluetoo… [1] https://github.com/marcnewlin/hi_my_name_is_keyboard -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

5 Monate, 1 Woche

1
0
0 0

About Stolen Device Protection for iPhone

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "About Stolen Device Protection for iPhone" --> "... adds a layer of security when your iPhone is away from familiar locations, such as home or work, and helps protect your accounts and personal information in case your iPhone is ever stolen ..." VG Bernd [0] https://support.apple.com/en-us/HT212510 -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

5 Monate, 1 Woche

1
0
0 0

iPhone, Android Ambient Light Sensors Allow Stealthy Spying

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "iPhone, Android Ambient Light Sensors Allow Stealthy Spying" VG Bernd [0] https://www.darkreading.com/endpoint-security/iphone-android-ambient-light-… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

5 Monate, 2 Wochen

1
0
0 0

npm Package Found Delivering Sophisticated RAT

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "npm Package Found Delivering Sophisticated RAT" --> "... It was signed 2023 NOV 06 using a certificate that was revoked 2023 MAR 09. ..." VG Bernd [0] https://blog.phylum.io/npm-package-found-delivering-sophisticated-rat/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

5 Monate, 2 Wochen

1
0
0 0

TeamViewer abused to breach networks in new ransomware attacks

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "TeamViewer abused to breach networks in new ransomware attacks" VG Bernd [0] https://www.bleepingcomputer.com/news/security/teamviewer-abused-to-breach-… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

5 Monate, 2 Wochen

1
0
0 0

Locksmith - small tool built to detect and fix common

von Bernd Kohler

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Locksmith" - small tool built to detect and fix common misconfigurations in Active Directory Certificate Services. --> siehe dazu auch den Artikel [1] von Mandiant "Active Directory Certificate Services: Modern Attack Paths, Mitigations, and Hardening" VG Bernd [0] https://github.com/TrimarcJake/Locksmith [1] https://services.google.com/fh/files/misc/active-directory-certificate-serv… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

5 Monate, 2 Wochen

1
0
0 0

2024

2023

2022

2021

2020

2019

2018

rwth-security