Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Warning: Sophos XG firewall vulnerability CVE-2022-3236 under massive attack
[German]A few hours ago, information came to my attention on Twitter that the RCE vulnerability CVE-2022-3236 in Sophos XG Firewalls is under massive attack. I had reported about the vulnerability in September 2022 and recommended patching it immediately. Here are … Continue reading
German security vendor DCSO finds Maggie backdoor in MS SQL servers
[German]Technical threat research experts from German security firm DCSO recently came across a new type of backdoor. Dubbed Maggie, the malware targets Microsoft SQL servers, and an analysis found hundreds of infected installations worldwide. Here is a brief overview of … Continue reading
Exchange Server: Microsoft updates it's mitigation for the 0-day ProxyNotShell vulnerability (October 5, 2022)
[German]It's becoming somewhat like a never-ending story. Two 0-day vulnerabilities (CVE-2022-41040, CVE-2022-41082) in Microsoft's on-premises Exchange Servers (2013, 2016, and 2019) have been known since late September 2022. The vulnerabilities, known as ProxyNotShell, are already being exploited in the wild. … Continue reading
Microsoft's 0-day protection bypassed, new assessments (Oct. 3, 2022)
[German]A 0-day vulnerability (ZDI-CAN-18333) in Microsoft's on-premises Exchange Servers (2013, 2016, and 2019) has been known since late September 2022. The vulnerabilities (CVE-2022-41040, CVE-2022-41082) are already being exploited in the wild. Microsoft did respond and published a workaround as well … Continue reading
Chrome 106.0.5249.91 released
[German]Google has released the Google Chrome 106.0.5249.91 update for Mac and Windows on September 30, 2022. Both the Stable Channel and the Extended Stable Channel will receive this security update. It is a bug fix update that addresses vulnerabilities.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Update on Exchange Server 0-day Vulnerability ZDI-CAN-18333: Fixes, Scripts and EMS Solution
[German]The 0-day vulnerability ZDI-CAN-18333 in Microsoft's on-premises Exchange Servers (2013, 2016 and 2019) became public at the end of September. The vulnerabilities (CVE-2022-41040, CVE-2022-41082) are already being exploited in the wild. Now Microsoft is rolling out URI rewrite rules via … Continue reading
Serious vulnerabilities in Cisco networking hardware (Sept. 2022)
[German]Short addendum from this week. The manufacturer Cisco has published extensive security advisories and updates for its network hardware as of September 28, 2022. The updates affect switches and wireless controllers from this manufacturer, among others. Attackers could disrupt the … Continue reading
Mandiant, VMware and US-CERT warn of malware targeting VMware ESXi servers
[German]Google-acquired security vendor Mandiant has encountered a new malware family (VirtualPITA, VirtualPIE, and VirtualGATE) that targets virtualization solutions like VMware ESXi Server and uses specialized techniques to infiltrate. VMware has issued a security advisory to that effect, and US-CERT is … Continue reading
Microsoft's recommendations for Exchange Server 0-day vulnerability ZDI-CAN-18333
[German]Last night I had reported on the blog about a 0-day vulnerability ZDI-CAN-18333 in Microsoft's on-premises Exchange Servers, which is already being exploited in the wild. Within hours, Microsoft has now responded and confirmed that they are currently investigating two … Continue reading
Exchange Server servers attacked via 0-day exploit (Sept. 29, 2022)
[German]There are reports that a new zero-day exists in Microsoft Exchange that is being actively exploited in the wild. Security researchers confirm that some installations – including a honeypot – are already infected. Details about the zero-day are not yet … Continue reading