Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Phishing attacks by state hackers via new RTF template injection technique
[German]Security vendor Proof Point observed three APT actors from India, Russia and China using a novel RTF template injection technique for phishing attachments to retrieve malicious content from a remote URL in 2021. The security researcher fear, that this technique … Continue reading
0patch fixes InstallerTakeOver LPE 0-day vulnerability in Windows
[German]The ACROS Security team around founder Mitja Kolsek has now developed and released the third micro-patch within two weeks for a vulnerability discovered by security researchers. The current micro-patch is about a 0-day InstallerTakeOver Local Privilege Escalation (LPE) vulnerability in … Continue reading
Examples of virus mails from a compromised Exchange server
[German]I had warned here in the blog several times that unpatched Exchange servers are attacked by thread actors, and that they are abused to send spam after a takeover. A blog reader has now sent me a short info (thanks) … Continue reading
Windows 10/11: The risky "trusted" Apps-Installer – abused by Emotot gang
[German]Hoh hoh, folks, today we can open the second door in the Advent calendar and see what Microsoft has put in as a surprise for us. Today we find the AppX installer, which is used in Windows 10 and Windows … Continue reading
Europol arrests 1,803 money mules of Internet fraudsters
[German]Investigations by Europol and other law enforcement agencies uncovered a network of money mules that have been identified. The money mules laundered profits from online scams such as compromising business emails and forex fraud. In a joint operation with various … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
German CERT-Bund warns about vulnerable Exchange Server with OWA reachable from Internet
[German]It seems, that many vulnerable Microsoft Exchange servers are been used to play Russian roulette. German CERT-Bund has alerted a warning. They found about 12,000 Exchange Servers 2013/2016/2019, whose OWA is accessible via the Internet and which have at least … Continue reading
Microsoft Defender Version 1.353.1874.0 version 1.353.1874.0 incorrectly reports Emotet
[German]A brief note for administrators. Microsoft Defender reportes a PowEmotoet.SB infection has been blocked and quarantined and possibly triggers Microsoft Office? This is a false alarm, which was triggered by an update of the signature files to version 1.353.1874.0. Here … Continue reading
Printing Shellz: Vulnerabilities in HP multi-function printers (MFPs)
[German]Today (Nov. 30,) is Computer Security Day, and this topic fits perfectly. There are several firmware vulnerabilities of certain HP LaserJet, HP LaserJet Managed, HP PageWide and HP PageWide Managed products. These are potentially vulnerable to a buffer overflow. This … Continue reading
Panasonic: Data leak over four months
[German]Japanese (electronics) company Panasonic admitted last Friday to unauthorized access to its servers by a third party. A thin-lipped announcement reported only one access on Nov. 11, 2021. But those accesses appear to have occurred over the past four months, … Continue reading
November 30, is Computer Security Day
[German]November 30, is Computer Security Day, a day that has been dedicated to secure IT worldwide since 1988. The initiative for Computer Security Day goes back to the US Association for Computer Security Day. The aim of this day of … Continue reading