Category Archives: Security

Windows Patchday news: MSHTML 0-day vulnerability CVE-2024-38112 exploited by malware

[German]A small addendum to the July 2024 patchday at Microsoft. With the security updates, Microsoft has also closed an MSHTML spoofing vulnerability. There was information that this vulnerability (CVE-2024-38112) was and is being exploited by malware. The vulnerability is in … Continue reading

Posted in Security, Update, Windows | Tagged , , , | Leave a comment

Advertising

US data brokers offer 3.6 billion location data of German cell phone users

[German]Research by several German media outlets reveals that US data brokers are offering the locations of cell phone users in Germany. Some of the data can even be accessed free of charge, as research by netzpolitik.org and BR shows. A … Continue reading

Posted in Security | Tagged , , | Leave a comment

How to find weak passwords in Active Directory and eliminate them with PowerShell

[Sponsored Post]Weak or compromised passwords are a known gateway for attackers. If you are able to identify which users in Active Directory (AD) are threatened by this, then PowerShell can help to remedy it. However, PowerShell scripts cannot eliminate basic AD deficits, other tools are needed for this. More ...

An open API at Deutsche Telekom is leaking user data

[English]German security expert Lilith Wittmann discovered an unprotected API from Deutsche Telekom, that can be used, to retrieve details about landline connections via their internet access. She set up a website that can be used to retrieve data from Telekom's … Continue reading

Posted in Security | Tagged | 1 Comment

Advertising

Cloud expansion jeopardized by lack of security know-how?

[German]An exciting story: everything is (at least it feels like it is) moving into the cloud. But the German companies that are already in the cloud are facing serious security problems. Security provider Tenable has taken a closer look and … Continue reading

Posted in Allgemein, Cloud, Security | Tagged , | Leave a comment

User identification via Chromium browser (Chrome, Edge, Brave)?

[German]Luca Casonato already pointed out an issue in connection with Chromium browsers on July 9, 2024. In the browser, all Google websites are granted full access to system data such as CPU usage, GPU utilization, memory usage and processor information … Continue reading

Posted in browser, Security | Tagged , | Leave a comment

Advertising

Outlook to Exchange auto-discovery and the duplicate .com.com domain

[German]I'm posting a curious reader observation here in the blog. It's about the auto-discovery of e-mail recipients in Outlook via the auto-discovery service in Microsoft Exchange. One reader noticed a crude problem in this context. Someone seems to have registered … Continue reading

Posted in Allgemein, Security, Software | Tagged , , | Leave a comment

Microsoft Office Updates (July 9, 2024)

[German]On July 9, 2024 (second Tuesday of the month, Microsoft Patchday), Microsoft released several security-related updates for Microsoft Office 2016, as well as the C2R variants (Office 2016-2021 and 365) and other products. Below you will find an overview of … Continue reading

Posted in Office, Security, Update | Tagged , , , | Leave a comment

Blast RADIUS attack enables RADIUS authentication to be bypassed

[German]A vulnerability (CVE-2024-3596) discovered by security researchers makes it possible to log into a network using the RADIUS network authentication protocol without further authentication. The vulnerability, called Blast-RADIUS, could jeopardize network security in companies because RADIUS network authentication can be … Continue reading

Posted in Security, Software, Windows | Tagged , , | Leave a comment

Advertising

Windows Server 2012 / R2 und Windows 7 (July 9, 2024)

[German]Various security updates for Windows Server 2012/R2 (1st ESU year) were published on July 9, 2024. Support for Windows 7 SP1 and Windows Server 2008 R2 expired in January 2024. However, updates for Windows Embedded Standard 7 can be downloaded … Continue reading

Posted in Security, Update, Windows | Tagged , , , , | Leave a comment

Patchday: Windows 11/Server 2022-Updates (July 9, 2024)

[German]On July 9, 2024 (second Tuesday of the month, patch day at Microsoft), Microsoft also released cumulative updates for Windows 11 23H2 to 21H2. Windows Server 2022 and Windows Server 23H2 also received updates. Here are some details about these … Continue reading

Posted in Security, Update, Windows | Tagged , , , , | 3 Comments