Category Archives: Security
Microsoft disables MSIX ms-appinstaller protocol handler in Windows (Feb. 2022)
[German]After ransomware like Emotet or BazarLoader abused the MSIX ms-appinstaller protocol handler, Microsoft has now reacted again. The entire MSIX ms-appinstaller protocol handler has been disabled in Windows for the time being – more or less as protection against Emotet, … Continue reading
Windows: ESET virus scanners have a LPE vulnerability
[German]Slovakian antivirus vendor ESET has issued a warning for users of its Windows products. Certain antivirus products have a Local Privilege Escalation (LPE) vulnerability CVE-2021-37852 in older versions. This allows a local attacker to gain SYSTEM privileges from a default … Continue reading
Cyberattack on Oiltanking: Black Cat ransomware group responsible, also for Colonial Pipeline Hack
[German]An addendum to the cyberattack of Saturday, January 29, 2022 on Oiltanking, a company belonging to the Hamburg-based Marquard & Bahls group, and the IT of Mabanaft, an oil trader belonging to the same group. The crippled parts of the … Continue reading
Chrome 98.0.4758.8x released, fixes 27 vulnerabilities
[German]Google has released updates to Google Chrome 98.0.4758.80/81/82 for Windows and 98.0.4758.80 for Mac and Linux on February 1, 2022. The Android browser has been updated to version 98.0.4758.87 and the iOS version to 98.0.4758.85. The updates close 27 vulnerabilities. … Continue reading
Malicious CSV files can install BazarBackdoor
[German]Cyber criminals have found a way to abuse text-based CSV files in order to install BazarBackdoor malware on victims' systems. Security researchers probably came across this fact while monitoring a phishing campaign. The culprit is the ability to access the … Continue reading
Cyber attack on German Oiltanking shuts down tank terminal, Dutch Shell also affected
[German]Oiltanking, a German company belonging to the Hamburg-based Marquard & Bahls group, has been the victim of a cyberattack. In addition, the IT of the mineral oil trader Mabanaft, which belongs to the same group, is also said to have … Continue reading
QNAP: DeadBolt attacks via vulnerability patched in December 2021
[German]The question why NAS manufacturer QNAP recently updated its devices via forced update has now been answered. The attacks by the DeadBolt ransomware that took place in January 2022 were only possible if the NAS owners made them accessible on … Continue reading
Posted in devices, Security, Software, Update
Tagged devices, NAS, Ransomware, Security
Windows 10: Proof of Concept for vulnerability CVE-2022-21882
[German]In January 2022, Microsoft closed the CVE-2022-21882 (Win32k Privilege Escalation) vulnerability in Windows 10/11 and Windows Server 20H2 on Patchday. However, the patch was not installed everywhere because of the considerable collateral damage. Now a public proof of concept (PoC) … Continue reading
Linux: Microsoft recommendation on enforcement mode against Active Directory takeover may cause issues
[German]Microsoft recommends installing the November 2021 security updates on Windows servers that operate as DCs as protection against a domain takeover caused by the vulnerabilities CVE-2021-42287 and CVE-2021-42278. And Microsoft also recommends enabling so-called enforcement mode to protect against the … Continue reading
Over 20,000 HPE Proliant servers with outdated iLO accessible via the Internet
[German]Advisory for administrators of HPE Proliant servers running outdated or unpatched versions of HPE's Integrated Lights-Out (iLO). The Internet Storm Center (SANS ISC) warned this week that more than 20,000 HPE Proliant servers were accessible via the Internet. Wouldn't be such a … Continue reading


