Category Archives: Security

Serious vulnerabilities in Cisco networking hardware (Sept. 2022)

Short addendum from this week. The manufacturer Cisco has published extensive security advisories and updates for its network hardware as of September 28, 2022. The updates affect switches and wireless controllers from this manufacturer, among others. Attackers could disrupt the …

Posted in Security

Mandiant, VMware and US-CERT warn of malware targeting VMware ESXi servers

Google-acquired security vendor Mandiant has encountered a new malware family (VirtualPITA, VirtualPIE, and VirtualGATE) that targets virtualization solutions like VMware ESXi Server and uses specialized techniques to infiltrate. VMware has issued a security advisory to that effect, and US-CERT is …

Posted in Security, Virtualization

Microsoft's recommendations for Exchange Server 0-day vulnerability ZDI-CAN-18333

Last night I reported on the blog about a 0-day vulnerability, ZDI-CAN-18333, in Microsoft's on-premises Exchange Servers, which is already being exploited in the wild. Within hours, Microsoft has now responded and confirmed that they are currently investigating two …

Posted in Security, Software

Exchange Server servers attacked via 0-day exploit (Sept. 29, 2022)

There are reports that a new zero-day exists in Microsoft Exchange that is being actively exploited in the wild. Security researchers confirm that some installations – including a honeypot – are already infected. Details about the zero-day are not yet …

Posted in Security, Software

Thunderbird 102.3.1 released

The developers of Thunderbird released another update of the email client, version 102.3.1, on September 28, 2022. It is a bug-fix update that should fix a number of problems and vulnerabilities.

Posted in Security, Software, Update

Barracuda Networks: Spam filter/virus scan blocks mails globally (September 29, 2022)

Brief notification for administrators who use a mail protection / security solution from Barracuda Networks in an enterprise environment. Since tonight (September 29, 2022) there seems to be a problem that emails get stuck in their spam filters (Email Security …

Posted in issue, Security, Software

Chrome 106.0.5249.61/62 released

Google released Google Chrome 106.0.5249.61 for Mac/Linux and Chrome 106.0.5249.61/62 for Windows on September 28, 2022. It is a new development branch, and the update fixes 20 vulnerabilities.

Posted in browser, Linux, macOS, Security, Update, Windows

Malware trend August 2022: Emotet no more #1

CheckPoint has released its Global Threat Index for August 2022, a top list of malware infections. Surprisingly for me, the previously frequently mentioned Emotet ransomware has been displaced from the top spot it held in previous months. Now, a malware …

Posted in Security

HP printers: Critical vulnerability (Sept. 2022)

On September 21, 2022, HP published a warning about a buffer overflow vulnerability in the firmware of various printer models (Inkjet, LaserJet Pro and HP PageWide Pro printers). One vulnerability even potentially allows remote code execution (RCE). Firmware updates …

Posted in devices, Security

Sophos XG Firewall: RCE vulnerability (CVE-2022-3236)

Vendor Sophos warns about a remote code execution vulnerability in its firewall. There is a code injection vulnerability in the Sophos XG Firewall user portal and web admin (UTM products not affected). This vulnerability is already being exploited in a …

Posted in Security, Software