Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Vulnerabilities in Wyze Cam IoT camera firmware (March 2022)
[German]Security researchers from Bitdefender are drawing attention to vulnerabilities they have discovered in the firmware of Wyze CAM IP video cameras. According to Bitdefender, attackers can bypass the authentication process, gain complete control over the device and read information and … Continue reading
Microsoft warns of (fixed) Defender spoofing vulnerability
Microsoft has sent a security alert by mail as of 30 March 2022, with a warning about a the vulnerability CVE-2022-23278. This is a spoofing vulnerability in Microsoft Defender for Endpoint, which has already been closed in Android and iOS … Continue reading
New IcedID malware campaign targets unpatched Exchange Server (March 2022)
[German]Another note to administrators of Microsoft Exchange Servers. Security researchers have observed a malware campaign that distributes the IcedID banking Trojan and targets Microsoft Exchange Servers that have not received all security updates. The attackers are attempting to hook into … Continue reading
Purple Fox with new infection vector
[German]Trend Micro Research has published a new blog post reporting on a new malware campaign. Purple Fox operators are using updated tools and a new arrival vector to infect their victims. They use fake copies of popular software like WhatsApp … Continue reading
Ukraine Doxing des FSB members, dismantles bot farms, telecom operator hit by cyber attack
[German]Ukrtelecom, the largest fixed-line provider in Ukraine, was crippled for hours by a cyber attack, which also affected the internet. Furthermore, Ukraine has been responsible for botnet farms designed to spread disinformation since the beginning of the war. Military intelligence … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Okta admits a mistake regarding disclosure in "Lapsus$ hack"
[German]This is the "best" image that the authentication service Okta is giving off right now. The Lapsus$ gang had claimed to have hacked Okta, which possible could have threatened hundreds of customers and made them victims of attacks. But it … Continue reading
Microsoft Security Update Revisions (March 25, 2022)
Microsoft has released several revisions for security updates on 25 March 2022. The revisions address changed vulnerability assessments. Here is an uncommented overview.
Fix for vulnerability CVE-2022-104 in Sophos Firewall (v18.5 MR3)
[German]A security researchers have found a vulnerability CVE-2022-104 (authentication bypass) in Sophos firewalls (v18.5 MR3 and older) that allows authentication bypass. Attackers could thus take over the firewall and execute malicious code remotely. However, Sophos has since released an update … Continue reading
"Browser in the browser" Phishing
[German]A security researcher has recently introduced a technique to make intercepting credentials via phishing even more efficient. He calls the technique BitB, short for "browser in the browser". A fake browser window is displayed within a real login page in … Continue reading
Anonymous has hacked Central Bank of Russia, 2nd hack of state-owned VGTRK media group?
[German]The hacker group Anonymous has claimed responsibility for a hack of the Central Bank of Russia in which a lot of data was captured. The group has now published 28 GB of this data. A second hacker group calling itself … Continue reading