Archive for the ‘Security Solution’ Category

Linux command ’sudo‘ – with version 1.9.14, attackers can gain root access with simple user rights

Donnerstag, Juli 3rd, 2025

Linux command ’sudo‘  – before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the –chroot option

Bundesamtes für Sicherheit in der Informationstechnik (BSI) – Übersichtsseite zu Künstlicher Intelligenz (KI) publiziert

Dienstag, Juli 1st, 2025

Google Chrome OS Version 138.0.7204.97 – steht zum Download bereit

Dienstag, Juli 1st, 2025

Google Chrome OS Version 138.0.7204.50 – steht zum Download bereit

Mittwoch, Juni 25th, 2025

Citrix – closes security vulnerabilities in Netscaler ADC and Gateway

Mittwoch, Juni 18th, 2025
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX693420
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694718
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694724

Google Chrome OS Version 137.0.7151.120 – steht zum Download bereit

Dienstag, Juni 17th, 2025

Trend Micro – SECURITY BULLETIN June 2025

Donnerstag, Juni 12th, 2025

Trend Micro – SECURITY BULLETIN June 2025

Google Chrome OS Version 137.0.7151.104 – steht zum Download bereit

Dienstag, Juni 10th, 2025

Wireshark 4.4.7 Portable – the current stable release

Dienstag, Juni 10th, 2025

Wireshark 4.4.7 – release notes

Google Chrome OS Version 137.0.7151.69 – steht zum Download bereit

Dienstag, Juni 3rd, 2025

Google Chrome OS Version 137.0.7151.41 – steht zum Download bereit

Montag, Mai 26th, 2025

Bundesamtes für Sicherheit in der Informationstechnik (BSI) Präsidentin Claudia Plattner – wenn wir jetzt nicht handeln laufen wir in das Risiko dass Angreifer unsere Infrastruktur schwächen

Sonntag, Mai 25th, 2025

Bundesamt für Sicherheit in der Informationstechnik (BSI) – Microsoft bestätigt eine kritische Zero-Day-Schwachstelle in Windows (CVE-2025-30397) die aktiv von Angreifern ausgenutzt wird

Freitag, Mai 16th, 2025

Google Chrome OS Version 136.0.7103.114 – steht zum Download bereit

Donnerstag, Mai 15th, 2025

Home Lab 2025 – generate self signed certificates with OpenSSL to secure your servers

Mittwoch, Mai 14th, 2025

Certificate Authority

Generate the Certificate Authority (CA) Private Key

Every certificate must have a corresponding private key. Generate this using the following command line

# openssl ecparam -name prime256v1 -genkey -noout -out ca.key

This will create a 256-bit private key over an elliptic curve, which is the industry standard. We know that Curve25519 is considered safer than this NIST P-256 curve but it is only standardized in TLS 1.3 which is not yet widely supported

Generate the Certificate Authority Certificate

The CA generates and issues certificates. Here is a link to additional resources if you wish to learn more about this.

Generate the Root CA certificate using the following command line

# openssl req -new -x509 -sha256 -key ca.key -out ca.crt

You will be prompted to provide some information about the CA. Here is what the request looks like:

You are about to be asked to enter information that will be incorporated into your certificate request
What you are about to enter is what is called a Distinguished Name or a DN
Country Name (2 letter code) [AU]:CA
State or Province Name (full name) [Some-State]:QC
Locality Name (eg, city) []:Lavaltrie
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Devolutions inc.
Organizational Unit Name (eg, section) []:Security
Common Name (e.g. server FQDN or YOUR name) []:devolutions.net
Email Address []:security@devolutions.net

Your CA certificate is now created. Keep its private key in a safe place

Generate your server certificate

This step may be repeated for each server you need

Generate the server certificate private key

Like the CA certificate use the following command line

# openssl ecparam -name prime256v1 -genkey -noout -out server.key

This will create a file name server.key