Fabian Bäumer @skrillor - Bluesky Profile

Fabian Bäumer

@skrillor.bsky.social

PhD Student @ruhr-uni-bochum.de | 🐢 Terrapin Attack | Interested in anything related to SSH and protocol security in general | Mastodon: @Skrillor@infosec.exchange

36 Followers | 103 Following | 3 Posts | Joined: 21.01.2025 | 1.5486

Latest posts by skrillor.bsky.social on Bluesky

We found a new vulnerability in TLS. It's a variant of the ALPACA attack that bypasses current countermeasures. Relativly low impact - but great insight! Check it out: opossum-attack.com

08.07.2025 12:26 — 👍 12 🔁 8 💬 1 📌 0

Unauthenticated Remote Code Execution in Erlang/OTP SSH ### Summary A serious vulnerability has been identified in the Erlang/OTP SSH server that may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SS...

Affected versions:

<= OTP-27.3.2
<= OTP-26.2.5.10
<= OTP-25.3.2.19.

Fixed versions are OTP-27.3.3, OTP-26.2.5.11, OTP-25.3.2.20.

Link to the security advisory over on GitHub: github.com/erlang/otp/s...

16.04.2025 17:15 — 👍 2 🔁 0 💬 0 📌 0

Mitigation:

To mitigate this issue, please update to the latest version of Erlang/OTP as soon as possible. As an immediate workaround, prevent access via appropriate firewall rules.

16.04.2025 17:15 — 👍 2 🔁 0 💬 1 📌 0

We (@lambdafu.bsky.social & me) found a critical security vulnerability in the #Erlang/OTP SSH daemon that allow attackers to execute arbitrary code via network access on devices running Erlang/OTP SSH servers.

This vulnerability is #CVE-2025-32433, patches out now. Estimated CVSSv3 10.

16.04.2025 17:15 — 👍 8 🔁 3 💬 1 📌 0

@skrillor is following 20 prominent accounts

Louis Jannett
@lonetis

SSO + Web Security | PhD Student @ Ruhr University Bochum

Network Operations Center RUB
@noc.rub.de

Hier informiert das RUB-NOC über aktuelle Neuigkeiten und Ereignisse rund ums Datennetz der @ruhr-uni-bochum.de

Wissenschaftsrat
@wissenschaftsrat.de

Das wichtigste wissenschaftspolitische Beratungsgremium in Deutschland. ⚖️ https://www.wissenschaftsrat.de/impressum ▶️ youtube.com/@wissrat 🎙️ https://9te-etage.podigee.io

Matteo Scarlata
@hjkl.space

The New York Times
@nytimes.com

In-depth, independent reporting to better understand the world, now on Bluesky. News tips? Share them here: http://nyti.ms/2FVHq9v

Ars Technica
@arstechnica.com

Original news, reviews, analysis of tech trends, and expert advice on the most fundamental aspects of tech.

Daniel Klischies
@dklischies

Firmware/OS/Cellular Security Research @ruhr-uni-bochum.de

Christian Mainka
@chearix.de

Web and Data Security Researcher @uni-wuppertal.bsky.social Topics: SOP, XS-Leaks, SSO, OAuth, OpenID, PDF, ODF (Private Account) christianmainka.de

Lukas Giner
@giner.cc

Postdoc @Coresec Graz

Anna Pätschke
@paetscan

PhD student 📍 University of Luebeck, Institute for IT Security

Tibor Jager
@tiborj

Cryptography Researcher at Bergische University Wuppertal. Seeking wisdom, but hasn’t found it yet.

Nigel Smart
@smartcryptology

Cryptographer

Martin R. Albrecht
@malb

Cryptography Professor at King's College London and Principal Research Scientist at SandboxAQ. Erdős–Bacon Number: 6. He/him or they/them. https://malb.io

Kenny Paterson
@kennyog

Bit flipper

Matthew Green
@matthewdgreen

I teach cryptography at Johns Hopkins. https://blog.cryptographyengineering.com

Nils Fleischhacker
@cryptomaeher

Assistant Professor for Theoretical Cryptography at Ruhr University Bochum. Opinions probably someone else's. he/him

linuzifer
@linuzifer

Ein Teil von jener Kraft, die stets das Böse will und stets das Gute schafft. @linuzifer@23.social http://linus-neumann.de

Signal
@signal.org

Signal is an end-to-end encrypted messaging app. Privacy isn’t an optional mode, it’s just the way that Signal works. Every message, every call, every time.

Peter Schwabe
@cryptojedi

Researcher in cryptographic engineering at MPI-SP.

Christina Scholten
@tin-sc

Science Communicator/ PR-Manager for the Cluster of Excellence CASA +HGI @Ruhr University Bochum. Complexity Lover. Forest Friend.