- rwth-security - lists.rwth-aachen.de

CVE-2024-42327 (CVSS 9.9): Critical SQL Injection Vulnerability Found
by Bernd Kohler 28 Nov '24

28 Nov '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "CVE-2024-42327 (CVSS 9.9): Critical SQL Injection Vulnerability Found in Zabbix" VG Bernd [0] https://securityonline.info/cve-2024-42327-critical-sql-injection-vulnerabi… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 E-Mail: kohler(a)itc.rwth-aachen.de Web: https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

Unpatched NTLM Flaws Leave Microsoft Systems Vulnerable
by Bernd Kohler 27 Nov '24

27 Nov '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Exploit released for new Windows Server "WinReg" NTLM Relay attack" --> siehe dazu [1] --> finde auf [2] keinen Hinweis (oder übersehe etwas) --> Key recommendations auf [0] - Disabling NTLM Authentication - Blocking Outbound SMB Traffic - Educating End Users VG Bernd [0] https://securityonline.info/unpatched-ntlm-flaws-leave-microsoft-systems-vu… [1] https://blog.morphisec.com/5-ntlm-vulnerabilities-unpatched-privilege-escal… [2] https://heise.de/-10178400 -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 E-Mail: kohler(a)itc.rwth-aachen.de Web: https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

certmitm - tool for testing for certificate validation
by Bernd Kohler 27 Nov '24

27 Nov '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "certmitm" --> tool for testing for certificate validation vulnerabilities of TLS connections made by a client device or an application --> Folien und Video sidn auf [0] verlinkt git clone https://github.com/aapooksman/certmitm.git python -m venv certmitm/ cd certmitm/ source ./bin/activate pip install -r requirements.txt ... deactivate VG Bernd [0] https://github.com/aapooksman/certmitm -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 E-Mail: kohler(a)itc.rwth-aachen.de Web: https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

CVE-2024-8114: GitLab Vulnerability Allows Privilege Escalation
by Bernd Kohler 27 Nov '24

27 Nov '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "CVE-2024-8114: GitLab Vulnerability Allows Privilege Escalation" VG Bernd [0] https://securityonline.info/cve-2024-8114-gitlab-vulnerability-allows-privi… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

macOS Vulnerability (CVE-2023-32428) Grants Root Access, PoC
by Bernd Kohler 27 Nov '24

27 Nov '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "macOS Vulnerability (CVE-2023-32428) Grants Root Access, PoC Published" VG Bernd [0] https://securityonline.info/macos-vulnerability-cve-2023-32428-grants-root-… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Over a Third of Firms Struggling With Shadow AI
by Bernd Kohler 26 Nov '24

26 Nov '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Over a Third of Firms Struggling With Shadow AI" VG Bernd [0] https://www.infosecurity-magazine.com/news/over-third-firms-struggling-shad… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

PHP Patches Multi Flaws, Including CVE-2024-8932 (CVSS 9.8), Urges
by Bernd Kohler 26 Nov '24

26 Nov '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "PHP Patches Multi Flaws, Including CVE-2024-8932 (CVSS 9.8), Urges Immediate Update" VG Bernd [0] https://securityonline.info/php-patches-multi-flaws-including-cve-2024-8932… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Windows security and resiliency: Protecting your business
by Bernd Kohler 24 Nov '24

24 Nov '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Windows security and resiliency: Protecting your business" u.a. - Administrator protection "... user is prompted to securely authorize the change using Windows Hello. Windows creates a temporary isolated admin token to get the job done. This temporary token is immediately destroyed once the task is complete, ensuring that admin privileges do not persist. Administrator protection helps ensure that users, and not malware, remain in control of system resources ..." - Safe Deployment Practices "... ensure any negative impact from updates is kept to a minimum ..." "... developing new Windows capabilities that will allow security product developers to build their products outside of kernel mode ..." - Hotpatch in Windows "... introduced for Windows 11 Enterprise 24H2 and Windows 365. This revolutionary feature allows businesses to apply critical security updates without requiring a system restart, ..." VG Bernd [0] https://blogs.windows.com/windowsexperience/2024/11/19/windows-security-and… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Microsoft testing Windows 11 support for third-party passkeys
by Bernd Kohler 24 Nov '24

24 Nov '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Microsoft testing Windows 11 support for third-party passkeys" --> "... add support for support for using third-party passkey providers for Windows 11 passwordless authentication. Passkeys use biometric authentication, such as fingerprints and facial recognition, to provide a more secure and convenient alternative to traditional passwords ..." VG Bernd [0] https://www.bleepingcomputer.com/news/security/microsoft-testing-windows-11… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Malicious Update in Python Crypto Library Targets Private Keys via
by Bernd Kohler 24 Nov '24

24 Nov '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Malicious Update in Python Crypto Library Targets Private Keys via Telegram" --> "... PyPI package aiocpa ..." VG Bernd [0] https://securityonline.info/malicious-update-in-python-crypto-library-targe… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0