Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: devices
iPhone survives fall from almost 5 km after flight 1282 accident
[German]In the USA, an iPhone and another smartphone were found to have survived a free fall from a height of around 4.8 km from an airplane in which a door had broken off in flight. The iPhone was even still … Continue reading
DICOM protocol: Millions of patient data accessible unprotected via the Internet
[German]It's a very unpleasant situation: the DICOM protocol has been used for decades to exchange X-ray images or images from other imaging procedures with clinics and doctors, for example. It wasn't a problem until someone came up with the idea … Continue reading
LogoFAIL: Critical vulnerabilities in the UEFI code
[German]There are several critical vulnerabilities in the UEFI code of the firmware of various BIOS/UEFI implementations that could be used to inject malware into a system. The whole thing was already announced by the Binarly REsearch Team on November 29, … Continue reading
Zyxel warns of critical security vulnerabilities in NAS devices
[German]Does anyone operate a Zyxel NAS in their environment? The Taiwanese manufacturer has just warned of several vulnerabilities in the firmware of these devices. Three critical vulnerabilities allow an unauthenticated attacker to execute operating system commands on vulnerable network-attached storage … Continue reading
Security risks from web cams; Hikvision cameras and NVR with security risk
[German]Security cameras with vulnerabilities pose a risk to their owners. The same applies to webcams, which can often be taken over by attackers. Cameras and NVRs (Network Video Recorder) from the manufacturer Hikvision have vulnerabilities that can be exploited by … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Fingerprint sensors and thus Windows Hello can be bypassed via vulnerabilities
[German]Microsoft is using Windows Hello in its operating system for password-free login. This is supposed to be more secure than a password, as it cannot be stolen. Security researchers were asked by Microsoft's Offensive Research and Security Engineering (MORSE) to … Continue reading
QNAP warns of vulnerabilities CVE-2023-23368, CVE-2023-23369 in QTS
[German]Catching up from last week – the NAS manufacturer QNAP has published a security warning for its QTS operating system for NAS stations. The critical vulnerability CVE-2023-23368 (CVSS Index 9.8) allows remote execution of commands in older QTS versions. Another … Continue reading
HP toner: Purchase from distributor only after B2B registration?
[German]Strange development in the area of printer consumables at the manufacturer HP. The fact that ink cartridges from third-party suppliers are blocked by firmware updates is nothing new. I have also discussed ink subscriptions for HP devices here on the … Continue reading
Samsung Galaxy A51: Smartphone hangs after update in Odin mode "AVB Fail"
[German]It looks to me as if a software update (OTA update) has been "bricking" Samsung Galaxy A51 series devices since the beginning of November 2023. The devices remain stuck in Odin mode with the message "AVB Fail" during or after … Continue reading
Posted in Android, devices, issue
Tagged Android, issue, Samsung Galaxy A51, Smartphone
Leave a comment
Citrix Bleed: Vulnerability CVE-2023-4966 leaks session tokens in NetScaler ADC and Gateway, PoC available
[German]I would guess that Citrix users on unpatched instances are "under fire" once again, because more information is now available on the recently disclosed vulnerability CVE-2023-4966. Under the term "Citrix Bleed", security researchers have described how Citrix NetScaler ADC and … Continue reading