Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Citrix and the Open SSL 3.0 vulnerabilities CVE-2022-3602, CVE-2022-3786
[German]Just a note for administrators of Citrix products. How do the recently disclosed Open SSL 3.0 vulnerabilities CVE-2022-3602 and CVE-2022-3786 affect security? Citrix has published an advisory on this, which reflects the results of internal investigations. Currently most Citrix products … Continue reading
Dropbox security incident regarding GitHub repositories
[German]The online storage provider Dropbox has announced a security incident. It is about the fact that unauthorized third parties probably gained access to Dropbox's GitHub repositories via phishing. The incident occurred back on October 14, 2022 and Dropbox was informed … Continue reading
OpenSSL 3.0.7 with security fixes released
[German]The update to OpenSSL 3.0.7 is now available on the project's pages. With this, the team of OpenSLL developers has the new version announced a few weeks ago for November 1, 2022. The announcement of the update to version 3.0.7 … Continue reading
nginx for Windows affected by OpenSSL privilege vulnerability
[German]Those who use nginx on Windows as a web server, reverse proxy and email proxy may have a problem. Sombody just found out that nginx for Windows in various versions like 1.22.1 has a vulnerability that allows privilege elevation for … Continue reading
Windows PowerShell backdoor discovered, mimicking as part of Windows Update process
[German]Security researchers from SafeBreach recently came across a previously unknown PowerShell backdoor in Windows. This uses a malicious Word document to inject the PowerShell scripts. The backdoor can list Active Directory users and remote desktops, and is presumably intended to … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Edge 107.0.1418.26 and 106.0.1370.61 fixes CVE-2022-3723
[German]Microsoft has updated the Edge browser in the stable channel to version 107.0.1418.26 as of October 29, 2022. This is a security update that fixes the CVE-2022-3723 vulnerability (Type Confusion in the V8 JavaScript engine). In addition, the Edge browser … Continue reading
OpenSSL 3.0.7 with patch for vulnerability on Nov. 1, 2022 announced
[German]A small advance notice for users of OpenSSL – there seems to be a vulnerability in the implementation of this software. Now the team of OpenSLL developers has announced that they will release an update to version 3.0.7 on November … Continue reading
Iran: Hacker attacks on nuclear energy agency and industrial facilities
[German]Since the political turmoil, government agencies and companies in Iran have found themselves in the focus of hackers who successfully break into IT systems. Web presences of TV stations are changed or the hackers penetrate IT systems and extract data. … Continue reading
Windows: 0Patch micropatch for MotW bypassing 0-day (no CVE)
[German]A new bug in Windows has been known for a few days that prevents the "Mark of the Web" flag from being evaluated for broken signatures. Microsoft itself has not yet released a patch for this 0-day vulnerability. The vulnerability … Continue reading
Europe's largest copper producer Aurubis victim of cyber attack (Oct. 28, 2022)
[German]Aurubis, Europe's largest copper smelter by its own account, fell victim to a hacker attack in the night from Thursday to Friday (Oct. 28, 2022). As a precaution, the IT systems in Hamburg were then disconnected from the Internet and … Continue reading