- rwth-security - lists.rwth-aachen.de

EntryBleed: Breaking KASLR under KPTI with Prefetch (CVE-2022-4543)
by Bernd Kohler 22 Dec '22

22 Dec '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "EntryBleed: Breaking KASLR under KPTI with Prefetch (CVE-2022-4543)" VG Bernd [0] https://www.willsroot.io/2022/12/entrybleed.html -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Mozilla, Microsoft drop Trustcor as root certificate authority
by Bernd Kohler 21 Dec '22

21 Dec '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Mozilla, Microsoft drop Trustcor as root certificate authority" --> Google auch, siehe [1] --> Hintergründe siehe [2] VG Bernd [0] https://www.techtarget.com/searchsecurity/news/252527914/Mozilla-Microsoft-… [1] https://blog.esper.io/android-14-updatable-certificates/ [2] https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4 -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Critical Windows code-execution vulnerability went undetected until
by Bernd Kohler 20 Dec '22

20 Dec '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Critical Windows code-execution vulnerability went undetected until now" VG Bernd [0] https://arstechnica.com/information-technology/2022/12/critical-windows-cod… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Let's Encrypt now supports ACME-CAA
by Bernd Kohler 19 Dec '22

19 Dec '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Let's Encrypt now supports ACME-CAA: closing the DV loophole" VG Bernd [0] https://www.devever.net/~hl/acme-caa-live -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Goodbye SHA-1: NIST Retires 27-Year-Old Widely Used Cryptographic
by Bernd Kohler 16 Dec '22

16 Dec '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Goodbye SHA-1: NIST Retires 27-Year-Old Widely Used Cryptographic Algorithm" VG Bernd [0] https://thehackernews.com/2022/12/goodbye-sha-1-nist-retires-27-year-old.ht… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Securing tomorrow today: Why Google now protects its internal
by Bernd Kohler 29 Nov '22

29 Nov '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Securing tomorrow today: Why Google now protects its internal communications from quantum threats" VG Bernd [0] https://cloud.google.com/blog/products/identity-security/why-google-now-use… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Windows - How to disable ISO mounting
by Bernd Kohler 23 Nov '22

23 Nov '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "How to disable ISO mounting" --> es geht um "... threat actors moving to an alternate technique, sending disk image (.ISO, .IMG) files, often inside a ZIP archive. ..." VG Bernd [0] https://support.huntress.io/hc/en-us/articles/11477430445587-How-to-disable… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

KmsdBot – A Malware Written in Golang Infects Via SSH To Perform DDoS Attack
by Bernd Kohler 16 Nov '22

16 Nov '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "KmsdBot – A Malware Written in Golang Infects Via SSH To Perform DDoS Attack" VG Bernd [0] https://gbhackers.com/kmsdbot-a-malware-written-in-golang-infects-via-ssh/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Beware! Massive YouTube Campaign Aimed to Steal Login Credentials
by Bernd Kohler 15 Nov '22

15 Nov '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Beware! Massive YouTube Campaign Aimed to Steal Login Credentials" VG Bernd [0] https://gbhackers.com/beware-of-massive-youtube-campaign/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Yamato Security's Ultimate Windows Event Log Configuration Guide For
by Bernd Kohler 10 Nov '22

10 Nov '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Yamato Security's Ultimate Windows Event Log Configuration Guide For DFIR And Threat Hunting" --> Tipps und Skripts VG Bernd [0] https://github.com/Yamato-Security/EnableWindowsLogSettings -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0