Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Security provider Cyren goes into liquidation – NoSpamProxy and several other vendors affected
[German]Information for users who use security features of the provider Cyren (e.g. NoSpamProxy). The provider Cyren is in economic difficulties and will probably be liquidated – the relevant services will be discontinued. The provider NoSpamProxy has already reacted and plans … Continue reading
HP PC BIOS Security Updates (Feb. 2023)
[German]Vendor HP published a security article on February 21, 2023, addressing BIOS updates for HP systems. Potential time-of-check to time-of-use (TOCTOU) vulnerabilities in the BIOS of certain HP PC products have been identified, allowing for arbitrary code execution, denial of … Continue reading
Microsoft Defender is forcibly installed for Microsoft 365 users
[German]Microsoft Defender is already integrated into the operating system as virus protection in Windows 10 and Windows 11. However, Microsoft has further plans and wants to integrate the Microsoft Defender app into its Microsoft 365 product (for consumers). This means … Continue reading
Windows 10/11: Microsoft still ships old version of cURL lib with vulnerabilities (Feb. 2023)
[German]It's a messy story that I'm posting here on the blog again. Microsoft fails to ship cURL with Windows 10/11 in such a way that the software is up to date and no longer has known vulnerabilities. I had already … Continue reading
Software Restriction Policies (SAFER) still possible under Windows 11 22H2 …
[German]We was told, that Software Restriction Policies and SAFER no longer work out-of-the-box under Windows 11 22H2. This is caused by registry entries left in the ISO images, that make Windows 11 think that AppLocker is active (although it itsn't). … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Mirai malware variant V3G4 enables remote access to IoT devices via vulnerabilities
[German]Palo Alto Networks has discovered a new variant of the Mirai malware. The Mirai variant V3G4 exploits multiple vulnerabilities in the firmware of IoT devices to allow remote access. Palo Alto Networks Unit 42 security researchers observed the Mirai variant, … Continue reading
Google Chrome Version 110.0.5481.177/.178
[German]Google has released updates to Google Chrome Browser 110 in the stable channel for Mac, Linux and Windows as of February 22, 2023. Mac and Linux now reach version 110.0.5481.177, while for Windows, versions 110.0.5481.177/.178 are ready. It is a … Continue reading
U.S. Defense Department email server unprotected on the Internet for 2 weeks
[German]Big fail that happened to U.S. Department of Defense (DoD) IT administrators. This week Monday, U.S. Department of Defense strategists secured an unprotected server that had been used to leak terabytes of internal U.S. military emails onto the Internet for … Continue reading
Caution: Exposed Wi Fi password in Windows
[German]Maybe it is common knowledge – I was not aware of it: Locally logged in users can retrieve the password of a Wi Fi (WLAN) under Windows if it was entered under the same user account. This does not require … Continue reading
Fortinet fixes critical RCE vulnerabilities in FortiNAC and FortiWeb
[German]Administrators of Fortinet's FortiNAC and FortiWeb need to take action. The vendor released a security advisory this week and fixed critical RCE vulnerabilities. The question that arises: Why only now, isn't the vulnerability CVE-2021-42756 probably known since 2021? Is there … Continue reading