Category Archives: Security

ASUS/Gigabyte Mainboards: CosmicStrand Rootkit found in UEFI Firmware

Security researchers from Kaspersky have tracked down malware that was hidden in the UEFI firmware of various mainboards from ASUS and Gigabyte. The Chinese malware, CosmicStrand, is said to have been undetected in the UEFI of the affected motherboards …

Posted in devices, Security

AD security on the test bench

Another topic for administrators responsible for using a Microsoft Active Directory (AD) in the enterprise. Rumor has it that many companies rely on Microsoft's AD for their IT in business operations. The stuff has been on the market for 20 …

Posted in Security, Windows

Bye, bye Windows Information Protection (WIP) … (July 2022)

Short message for administrators who rely on WIP (Windows Information Protection) to protect corporate data. It's probably already known – but I'll mention it briefly anyway: Microsoft has "let WIP die", because Windows Information Protection will no longer be supported …

Posted in Security, Windows

TeamViewer: Fingerprinting via installed font

Users who use TeamViewer as remote maintenance software and install the software under the Windows operating system can be tracked on the web via fingerprinting. The reason is a font installed by the software, as Tarnkappe reports. Norwegian software developer …

Posted in Security, Software

LAPSUS$ exposes security vulnerabilities at tech companies

I reported on the LAPSUS$ hacker group, which is reportedly made up of teenagers, here on the blog. Security researchers at Tenable have taken a closer look at the hacker group and published an analysis. The conclusion: the group's tactics …

Posted in Security


Microsoft Edge 103.0.1264.71 (July 22, 2022) with fix for vulnerability used in the wild

Microsoft has updated the Edge browser in the stable channel to version 103.0.1264.71 as of July 22, 2022. It is a maintenance update that also includes a fix for the vulnerability CVE-2022-2294. Thanks to the user for pointing this out.

Posted in browser, Security, Software, Update

Microsoft continues rollout for default disabling of Office VBA macros

Microsoft is once again moving forward with its plans to disable macros in Office 365 by default. Macros in Office are a gateway for malware such as Dridex, Emotet, Trickbot, Qbot, etc. It's an on-off story that Microsoft has been …

Posted in Office, Security

Google blocks "Computing Machinery" because of alleged malware

Google has been blocking the Computing Machinery (acm.org) website for several hours due to malware, triggering corresponding warnings in Chrome and Firefox browsers. Visitors can then only visit the pages at their own risk. I tracked it down – it …

Posted in Security

Confluence Security Advisory 2022-07-20

Confluence released Security Advisory 2022-07-20 on July 20, and updated it today. The security advisory addresses Confluence accounts with hardcoded credentials created by Questions for Confluence. This affects the Confluence app for Confluence Server and Confluence Data Center.

Posted in Security, Software

CISA: Windows vulnerability CVE-2022-22047 must be patched by Aug. 2, 2022

The U.S. Cyber Security Administration (CISA) has set a deadline of August 2, 2022 for U.S. institutions to fix the CVE-2022-22047 vulnerability, which is rated with a CVSS score of 7.8. This vulnerability in the Client Server Runtime Subsystem (CSRSS) affects …

Posted in Security, Update, Windows