- rwth-security - lists.rwth-aachen.de

SSHFS - project is no longer maintained or developed
by Bernd Kohler 12 Jul '22

12 Jul '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "SSHFS - This Project is Orphaned" --> "... project is no longer maintained or developed ..." wird wohl zeitnah aus Repos entfernt werden wer das mouten via ssh genutzt hat muss sich nun nach einer Alternative umschauen. VG Bernd [0] https://github.com/libfuse/sshfs -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

HardeningKitty and Windows 10 Hardening
by Bernd Kohler 07 Jul '22

07 Jul '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "HardeningKitty and Windows 10 Hardening" VG Bernd [0] https://github.com/0x6d69636b/windows_hardening/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Automating binary vulnerability discovery with Ghidra and Semgrep
by Bernd Kohler 07 Jul '22

07 Jul '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Automating binary vulnerability discovery with Ghidra and Semgrep" VG Bernd [0] https://security.humanativaspa.it/automating-binary-vulnerability-discovery… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Push Comes To Shove: exploring the attack surface of SCCM Client Push
by Bernd Kohler 07 Jul '22

07 Jul '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Push Comes To Shove: exploring the attack surface of SCCM Client Push Accounts" VG Bernd [0] https://www.hub.trimarcsecurity.com/post/push-comes-to-shove-exploring-the-… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Typo-squatting NPM software supply chain attack uncovered
by Bernd Kohler 06 Jul '22

06 Jul '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Typo-squatting NPM software supply chain attack uncovered" VG Bernd [0] https://www.theregister.com/2022/07/06/npm_supply_chain_attack/ -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Chain-bench - open-source tool for auditing software supply chain
by Bernd Kohler 06 Jul '22

06 Jul '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Chain-bench" --> open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark [1] VG Bernd [0] https://github.com/aquasecurity/chain-bench [1] https://github.com/aquasecurity/chain-bench/blob/main/docs/CIS-Software-Sup… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

OrBit: New Undetected Linux Threat Uses Unique Hijack of Execution
by Bernd Kohler 06 Jul '22

06 Jul '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "OrBit: New Undetected Linux Threat Uses Unique Hijack of Execution Flow" VG Bernd [0] https://www.intezer.com/blog/incident-response/orbit-new-undetected-linux-t… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Post-quantum Signatures
by Bernd Kohler 06 Jul '22

06 Jul '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Post-quantum Signatures" VG Bernd [0] https://sofiaceli.com/2022/07/05/pq-signatures.html -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

Microsoft Exchange servers worldwide backdoored with new malware
by Bernd Kohler 01 Jul '22

01 Jul '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Microsoft Exchange servers worldwide backdoored with new malware" VG Bernd [0] https://www.bleepingcomputer.com/news/security/microsoft-exchange-servers-w… -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0

TLS - Top 1 Million Analysis - June 2022
by Bernd Kohler 01 Jul '22

01 Jul '22

Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Top 1 Million Analysis - June 2022" --> quasi TLS-Report, also Nutzung von HTTPS, HSTS, TLS Version, ... im Vergleich zu 6 Monaten früher [1] VG Bernd [0] https://www.venafi.com/blog/top-1-million-analysis-june-2022 [1] https://www.venafi.com/blog/crawler-report-top-1-million-analysis-2021 -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler(a)itc.rwth-aachen.de www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

1 0