- rwth-security - lists.rwth-aachen.de

RFC 9288 - Recommendations on the Filtering of IPv6 Packets
by Bernd Kohler 19 Aug '22

19 Aug '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] und [1] FYI "RFC 9288" - Recommendations on the Filtering of IPv6 Packets Containing IPv6 Extension Headers at Transit Routers (siehe dazu auch RFC 9098 [1] -Operational Implications of IPv6 Packets with Extension Headers) VG Bernd [0] https://www.rfc-editor.org/rfc/rfc9288.txt [1] https://www.rfc-editor.org/rfc/rfc9098.txt -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Strelka Web UI (browser / API based file submission)
by Bernd Kohler 18 Aug '22

18 Aug '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Strelka Web UI is a browser / API based file submission" VG Bernd [0] https://github.com/target/strelka-ui -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

BlueHound (open-sourced) - pinpoint the security issues that actually
by Bernd Kohler 15 Aug '22

15 Aug '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] bis [2] FYI BlueHound: Community Driven Resilience. "... tool to scan internal networks and tell IT teams what paths an attacker would/could take if they ever compromised them ..." --> hier liegt die Betonung auf *internal network* VG Bernd [0] https://zeronetworks.com/blog/bluehound-community-driven-resilience/ [1] https://github.com/zeronetworks/BlueHound [2] https://www.youtube.com/watch?v=WVup5tnURoM -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Smap - passive Nmap like scanner built with shodan.io
by Bernd Kohler 09 Aug '22

09 Aug '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Smap" - passive Nmap like scanner built with shodan.io --> "... replica of Nmap which uses shodan.io's free API for port scanning ..." VG Bernd [0] https://github.com/s0md3v/smap/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Malware New Linux Malware Brute Force Credentials and Gain Access to
by Bernd Kohler 05 Aug '22

05 Aug '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Malware New Linux Malware Brute Force Credentials and Gain Access to SSH Servers" VG Bernd [0] https://cybersecuritynews.com/new-linux-malware-brute-force-credentials/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

massive widespread malware attack on @github
by Bernd Kohler 03 Aug '22

03 Aug '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "... massive widespread malware attack on @github ..." VG Bernd [0] https://twitter.com/stephenlacy/status/1554697077430505473 -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

2 3

Microsoft Defender now better at blocking ransomware on Windows 11
by Bernd Kohler 02 Aug '22

02 Aug '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Microsoft Defender now better at blocking ransomware on Windows 11" VG Bernd [0] https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-now-bett… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Post-quantum encryption contender is taken out by single-core PC and
by Bernd Kohler 02 Aug '22

02 Aug '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Post-quantum encryption contender is taken out by single-core PC and 1 hour" VG Bernd [0] https://arstechnica.com/information-technology/2022/08/sike-once-a-post-qua… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Blocking ISO mounting
by Bernd Kohler 29 Jul '22

29 Jul '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Blocking ISO mounting" --> "... malware mounting ISOs as a method of bypassing AV and EDR ..." VG Bernd [0] https://malicious.link/post/2022/blocking-iso-mounting/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Samba AD users can forge password change requests for any user.
by Bernd Kohler 28 Jul '22

28 Jul '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Samba AD users can forge password change requests for any user." --> "... enabling full domain takeover .." VG Bernd [0] https://www.samba.org/samba/security/CVE-2022-32744.html -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0