- rwth-security - lists.rwth-aachen.de

CVE-2024-9511 (CVSS 9.8): Critical Flaw in FluentSMTP Plugin Exposes
by Bernd Kohler 24 Nov '24

24 Nov '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "CVE-2024-9511 (CVSS 9.8): Critical Flaw in FluentSMTP Plugin Exposes Over 300,000 WordPress Sites to Potential Takeover" VG Bernd [0] https://securityonline.info/cve-2024-9511-cvss-9-8-critical-flaw-in-fluents… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby
by Bernd Kohler 24 Nov '24

24 Nov '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access" VG Bernd [0] https://www.volexity.com/blog/2024/11/22/the-nearest-neighbor-attack-how-a-… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Attacking Automotive RKE Security: How Smart are your ‘Smart’ Keys?
by Bernd Kohler 22 Nov '24

22 Nov '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Attacking Automotive RKE Security: How Smart are your ‘Smart’ Keys?" --> "... analyze the design, implementation, and security levels of 7 different cars manufactured by Honda, Maruti-Suzuki, Toyota, and Mahindra ..." VG Bernd [0] https://eprint.iacr.org/2024/1816 -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 E-Mail: kohler(a)itc.rwth-aachen.de Web: https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen

1 0

CVE-2024-10220: Kubernetes Vulnerability Allows Arbitrary Command
by Bernd Kohler 21 Nov '24

21 Nov '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "CVE-2024-10220: Kubernetes Vulnerability Allows Arbitrary Command Execution" The affected versions of kubelet include: v1.30.0 to v1.30.2 v1.29.0 to v1.29.6 <= v1.28.11 VG Bernd [0] https://securityonline.info/cve-2024-10220-kubernetes-vulnerability-allows-… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Fortinet VPN design flaw hides successful brute-force attacks
by Bernd Kohler 21 Nov '24

21 Nov '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Fortinet VPN design flaw hides successful brute-force attacks" VG Bernd [0] https://www.bleepingcomputer.com/news/security/fortinet-vpn-design-flaw-hid… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Malicious QR Codes: How big of a problem is it, really?
by Bernd Kohler 21 Nov '24

21 Nov '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Malicious QR Codes: How big of a problem is it, really?" VG Bernd [0] https://blog.talosintelligence.com/malicious_qr_codes/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

New Ghost Tap attack abuses NFC mobile payments to steal money
by Bernd Kohler 21 Nov '24

21 Nov '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "New Ghost Tap attack abuses NFC mobile payments to steal money" VG Bernd [0] https://www.bleepingcomputer.com/news/security/new-ghost-tap-attack-abuses-… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Apple fixes two zero-days used in attacks on Intel-based Macs
by Bernd Kohler 19 Nov '24

19 Nov '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Apple fixes two zero-days used in attacks on Intel-based Macs" VG Bernd [0] https://www.bleepingcomputer.com/news/security/apple-fixes-two-zero-days-us… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Microsoft will soon let you clone your voice for Teams meetings
by Bernd Kohler 19 Nov '24

19 Nov '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Microsoft will soon let you clone your voice for Teams meetings" --> stellt sich natürlich die Frage, wie erkannt werden soll, das es die eigene Stimme ist und nicht die vom Lehrstuhlinhaber XY, dessen Vortragsvideos frei zugänglich sind VG Bernd [0] https://techcrunch.com/2024/11/19/soon-microsoft-will-let-teams-meeting-att… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Gmail's New Shielded Email Feature Lets Users Create Aliases for
by Bernd Kohler 18 Nov '24

18 Nov '24

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Gmail's New Shielded Email Feature Lets Users Create Aliases for Email Privacy" --> "... allows users to create email aliases when signing up for online services and better combat spam ..." VG Bernd [0] https://thehackernews.com/2024/11/shielded-email-googles-latest-tool-for.ht… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0